Dragonfly BMS & SCADA

Dragonfly and the Implications for Irish Businesses

Liam Relihan News & Updates

Dublin, Ireland

Yesterday, Liam Relihan, the CTO of ResourceKraft, a Limerick-based supplier of energy management systems warned that Irish businesses and government institutions were vulnerable to an ever larger collection of cyber attackers. He stated that “the Building Management Systems (BMS) and SCADA systems that have been deployed by Irish businesses and government bodies present an increasing attack vector for would-be hackers. Software systems that control water pumping stations and production lines are increasingly being attacked by well-organised groups. These systems were, in some cases, designed in the eighties or nineties and are simply not designed from the ground up to be secure in the hostile environment of the Internet”.

Mr. Relihan explained that dragonfly uses a range of techniques that have evolved over time to infect products provided by companies, which sell Building Management Systems (BMS) and SCADA systems to industrial, commercial and government customers.

He went on to say that :

“the recent Dragonfly campaign has exposed the fact that public utilities are now a target, at a time when increasing automation is needed more than ever to drive efficiencies and to reduce costs”

It is believed by security researches like Symantec and F-Secure that the dragonfly attacks were developed to gather information from the organisations targeted, and open a backdoor for future sabotage. Dragonfly’s targets include energy grid operators, electricity generating businesses, pipelines and suppliers of industrial equipment to the sector in the US, Spain, France, Italy, Germany, Turkey, and Poland. However, Mr Relihan said there was every likelihood that future attacks would be widened to include Ireland-based organisations. He stated that the problem was compounded by the fact that control systems are increasingly being connected to the cloud to provide for more centralised control. While centralised control is an obvious benefit, it means that what might previously have been relatively secure systems are now vulnerable to a range of attacks.

Mr. Relihan says that in his conversations with ResourceKraft customers, he encourages customers to sever any open connections to vendors that give them “back door” remote access to their control system devices. He also discretely mentioned a large multinational based in Ireland that recently installed a state-of-the-art building control system. The system was designed to be attached to the Internet for energy monitoring. However, within hours it had been subjected to cyber-attacks from the Far East. The system has now been disconnected from the Internet.