Automated oil rigs vulnerable to hacking

Foreign Policy magazine ran an article last week on the vulnerability of offshore oil rigs to hacking via computer networks. At the crux of the issue is how oil rigs are increasingly automated and controlled wirelessly from onshore facilities. However, despite the newest oil rigs costing "upwards of $1 billion" apiece, the underlying control system is anything but sophisticated.

On the decades-old control system called the supervisory control and data acquisition (SCADA) software, a former counterterrorism and intelligence analyst with the U.S. Interior Department was quoted as saying, "It's underappreciated how vulnerable some of these systems are. It is possible, if you really understood them, to cause catastrophic damage by causing safety systems to fail."

Much as this is a call to take corrective action on the aging SCADA software, I think it is also a somber reminder that the sophistication of security attacks will only continue to increase. As a parallel, computer scientists have recently developed a "one minute" attack on the commonly used TKIP algorithm in WPA, which was considered robust just last year.

So, just as what was adequate decades ago is no longer considered secure today, care must be taken to engineer robust security measures into the systems we deploy now.

For more on this story:
- check out this article at ForeignPolicy.com

Related Articles:
Five ways to get serious about security
New attack opens the door to one minute WPA crack
Malware attacks 57,000 websites
Managed security in vogue