This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/news/technology-40642962
The article has changed 2 times. There is an RSS feed of changes available.
Previous version
1
Next version
| Version 0 | Version 1 |
|---|---|
| Hacks 'probably compromised' UK industry | Hacks 'probably compromised' UK industry |
| (about 2 hours later) | |
| Some industrial software companies in the UK are "likely to have been compromised" by hackers, according to a document reportedly produced by British spy agency GCHQ. | Some industrial software companies in the UK are "likely to have been compromised" by hackers, according to a document reportedly produced by British spy agency GCHQ. |
| A copy of the document from the National Cyber Security Centre (NCSC) - part of GCHQ - was obtained by technology website Motherboard. | A copy of the document from the National Cyber Security Centre (NCSC) - part of GCHQ - was obtained by technology website Motherboard. |
| A follow-up by the BBC indicated that the document was legitimate. | A follow-up by the BBC indicated that the document was legitimate. |
| There have been reports about similar cyber-attacks around the world lately. | There have been reports about similar cyber-attacks around the world lately. |
| Modern, computer-based industrial control systems manage equipment in facilities such as power stations. | Modern, computer-based industrial control systems manage equipment in facilities such as power stations. |
| And attacks attempting to compromise such systems had become more common recently, one security researcher said. | And attacks attempting to compromise such systems had become more common recently, one security researcher said. |
| The NCSC report specifically discusses the threat to the energy and manufacturing sectors. | The NCSC report specifically discusses the threat to the energy and manufacturing sectors. |
| It also cites connections from multiple UK internet addresses to systems associated with "advanced state-sponsored hostile threat actors" as evidence of hackers targeting energy and manufacturing organisations. | It also cites connections from multiple UK internet addresses to systems associated with "advanced state-sponsored hostile threat actors" as evidence of hackers targeting energy and manufacturing organisations. |
| According to Motherboard, one line in the document reads: "NCSC believes that due to the use of widespread targeting by the attacker, a number of industrial control system engineering and services organisations are likely to have been compromised." | According to Motherboard, one line in the document reads: "NCSC believes that due to the use of widespread targeting by the attacker, a number of industrial control system engineering and services organisations are likely to have been compromised." |
| Spate of attacks | Spate of attacks |
| A spokesman for the NCSC did not confirm nor deny the contents of the document cited by Motherboard. | A spokesman for the NCSC did not confirm nor deny the contents of the document cited by Motherboard. |
| "We are aware of reports of malicious cyber-activity targeting the energy sector around the globe," he said in a statement. | "We are aware of reports of malicious cyber-activity targeting the energy sector around the globe," he said in a statement. |
| "We are liaising with our counterparts to better understand the threat and continue to manage any risks to the UK." | "We are liaising with our counterparts to better understand the threat and continue to manage any risks to the UK." |
| The case had the hallmarks of an attack orchestrated by a nation state, said security expert Mikko Hypponen at F-Secure. | |
| "I can easily see an intelligence agency being tasked with the mission of creating a foothold in energy distribution systems in case it is needed during a crisis or conflict," he said. | |
| There had been a spate of such cases recently, said Ruben Santamarta, principal security consultant at cyber-security company IOActive. | There had been a spate of such cases recently, said Ruben Santamarta, principal security consultant at cyber-security company IOActive. |
| "It's not a very targeted attack, it's affected a lot of countries, a lot of different companies," he told the BBC. | "It's not a very targeted attack, it's affected a lot of countries, a lot of different companies," he told the BBC. |
| "It doesn't mean that someone is going to use these capabilities to turn off the lights in our cities in the near future, but it's interesting that they are trying to get those capabilities." | "It doesn't mean that someone is going to use these capabilities to turn off the lights in our cities in the near future, but it's interesting that they are trying to get those capabilities." |
| Hackers have also affected Ireland's Electricity Supply Board (ESB), according to a report in the Times on 15 July citing anonymous sources. | Hackers have also affected Ireland's Electricity Supply Board (ESB), according to a report in the Times on 15 July citing anonymous sources. |
| The newspaper noted that industrial control systems at ESB were implicated, which could mean parts of the electricity grid in Northern Ireland were made vulnerable. | The newspaper noted that industrial control systems at ESB were implicated, which could mean parts of the electricity grid in Northern Ireland were made vulnerable. |
| And in the US earlier this month, it was reported that hackers had gained access to a company in charge of a nuclear power plant in Kansas. | And in the US earlier this month, it was reported that hackers had gained access to a company in charge of a nuclear power plant in Kansas. |
Previous version
1
Next version