Tag Archives: SCADA

Did Cyberattack Cause Dali To Hit Baltimore Bridge?!

Did a cyberattack cause the Dali to hit the Francis Scott Key Bridge in Baltimore, causing it to collapse?!

Take a look at the viral claims, and find out what the facts really are!

 

Claim : Cyberattack Caused Dali To Hit Baltimore Bridge!

Right after news broke that the Francis Scott Key Bridge in Baltimore collapsed after being hit by a massive container ship, some people immediately began suggesting there was more to the tragedy than meets the eyes…

Alex Jones : Looks deliberate to me. A cyber-attack is probable. WW3 has already started..

Andrew Tate : This ship was cyber-attacked. Lights go off and it deliberately steers towards the bridge supports. Foreign agents of the USA attack digital infrastructures. Nothing is safe. Black Swan event imminent.

Recommended : Baltimore Bridge Collapse Conspiracies Debunked!

No Evidence Cyberattack Caused Dali To Hit Baltimore Bridge!

This appears to be yet another example of fake news created or promoted by conspiracy theorists and conspiracists, and here are the reasons why…

Fact #1 : Dali Lost Power Before Hitting Baltimore Bridge!

Let me start by simply pointing out that the Dali – a massive container ship, only hit the Francis Scott Key Bridge in Baltimore, after it lost engine power.

The Dali lost power soon after leaving the Port of Baltimore in the middle of the night. Not only were the crew blinded in the dark, none of its electronics worked and there was no propulsion, so they were unable to control the ship.

As the crew tried unsuccessfully to restart its engine, a local pilot onboard the vessel ordered the ship to be steered to port (left), and the anchor to be dropped. While the crew managed to restore electrical power using an emergency generator, they were not able to restart its engines.

With the ship floating adrift, the two local pilots onboard issued a mayday call at 1:30 AM to warn authorities that a collision was imminent, which allowed them to stop traffic from going over the bridge. A Maryland Transportation Authority official was recorded saying at that time:

There’s a ship approaching that has lost their steering. Until you’ve got that under control, we’ve got to stop all traffic.

The video below, which is being shared on WhatsApp, does not accurately reflect the truth – the ship never regained the use of its engines, but it clearly shows when the ship lost power, and when it restored electrical power.

Recommended : Can Canada Social Credit System Freeze Bank Accounts?!

Fact #2 : No Evidence Dali Was Hit By Cyberattack

Despite claims by people with unnamed “inside sources”, there is simply no evidence that the Dali was hit by a cyberattack which steered it right into a bridge in Baltimore.

Built by Hyundai Heavy Industries, the Dali is powered by a single MAN 9-cylinder S90ME-C9.2 crosshead diesel engine. It also has a single 3,000 kW bow thruster for manoeuvring in ports, and four diesel generators for electricity.

While those engines, and controls, may be connected to a SCADA (Supervisory Control and Data Acquisition), they are not connected to the Internet. Even if the Dali’s SCADA system was somehow taken over by malware, the lack of Internet connectivity would make it impossible for any hacker to steer it into the bridge.

An early Cybersecurity and Infrastructure Security Agency (CISA) report appears to rule out an intentional or act of terrorism, finding that the Dali “lost propulsion” as it was leaving port.

The Baltimore Field Office of the Federal Bureau of Investigation (FBI) said in a press statement, that “There is no specific and credible information to suggest any ties to terrorism at this time.

United States Attorney for the District of Maryland Erek L. Barron also dismissed those claims in a public statement, saying “There is no evidence at this time to suggest that today’s collapse of the Francis Scott Key Bridge in Baltimore has any ties to terrorism.

If the Dali was indeed hit by a cyberattack before its crash, there would be evidence of hacking or malware in its SCADA system. However, until such evidence is discovered, anyone who tells out that it was definitely hit by a cyberattack is likely lying to you.

Unsurprisingly, none of those who claimed that a cyberattack caused the Dali to lose power and hit the Francis Scott Key Bridge ever provided a single shred of evidence from behind their keyboards.

Recommended : Did Russia Arrest Rustam Azhiev For Moscow Attack?!

Fact #3 : Ship Loss Of Power Is Common

The loss of power is common in the maritime industry (source) – as many as 600 cases each year according to FuelTrust, although most occur in open water. They are often associated with poorly mixed fuel, or changing from high-sulphur to low-sulphur fuels when entering coastal emission control areas (ECAs).

In fact, shipping experts think “dirty fuel” may be the reason for Dali to lose power before smashing into the Francis Scott Key Bridge (source).

That power loss could have been caused by dirty fuel clogging filters that lead to the ship’s main generator.

While inside a port, as the Dali was before the collision, ships typically run on a relatively light diesel fuel. That also could have been contaminated. Common contaminants include water, dirt and algae. He definitely could have had dirty fuel

– Gerald Scoggins, a veteran chief engineer in the oil and gas industry and the CEO of the Houston company Deepwater Producers

Ian Ralby, the CEO of I.R. Consilium, a maritime and resource security consultancy, also said heavy marine fuel loaded onto ships in port is mixed with what is called cutter stock, and is prone to being loaded with contaminants and is not closely regulated. Such dirty fuel could have “gummed up all of the fuel lines on the ship.”

Please help us FIGHT FAKE NEWS by sharing this fact check article out, and please SUPPORT our work!

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > Fact Check | CybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Eugene Kaspersky Presents Cyberspace – The Survival Guide

As the Chairman and CEO of Kaspersky Lab, Eugene Kaspersky is no stranger to cybersecurity. In fact, he created his first antivirus software while serving in the Russian Ministry of Defense in 1989 – 8 years before he founded his eponymous cybersecurity firm.

His credentials, as far as cybersecurity goes, is impeccable. That is why his keynote speech entitled “Cyberspace – The Survival Guide” was arguably the highlight of the Kaspersky Lab Palaeontology of Cybersecurity conference.

Don’t forget to check out the other Kaspersky Palaeontology of Cybersecurity presentations!

 

Eugene Kaspersky Presents Cyberspace – The Survival Guide

In this engaging 35-minute talk, Eugene Kaspersky shares with us his opinions on the evolving cybersecurity threats and how we can survive them.

Here are the key takeaway points from Eugene Kaspersky’s keynote talk :

  • Eugene Kaspersky still uses an old Sony Ericsson feature phone, which he says is “unhackable”.
  • Microsoft Windows is still the main target of cyberattacks, because it’s still the most popular operating system and the default operating system for many enterprises.
  • Cyberattacks are increasingly shifting to the mobile platform, targeting the Android operating system in particular.
  • The Mac OS platform is relatively safe because there are still not that many Mac user, or Mac programmers who can craft malware to target them.
  • However, Eugene Kaspersky (pointing at my MacBook Pro) says that Mac OS is much more vulnerable than Microsoft Windows from a cybersecurity point of view. It is only “safer” because there are not many cybercriminals who can exploit this.
  • The threat of Linux malware is growing very fast, because Internet of Things (IoT) devices are mostly Linux-based.
  • iOS attacks are limited because their zero-day vulnerabilities are very expensive for cybercriminals to purchase.
  • Kaspersky Lab collects about 300,000 unique malicious code samples per day, or more than 2 million unique code samples a week.
  • The growth in malware is exponential. Kaspersky Lab took 20 years to collect their first million unique malware code samples, but just one week in 2016 to collect 2.2 million unique malware code samples.
  • The good news is that Kaspersky Lab processes these malware code samples automatically 99.9% of the time using self-learning machine algorithms.
  • Eugene Kaspersky dismisses the tech industry’s use of the term “artificial intelligence“, insisting that they are more accurately described as “self-learning machine algorithms“.
  • Unfortunately, there is a marked growth in highly sophisticated state-sponsored and criminal cyberattacks that cannot be addressed by these means.
  • Cybercrime now costs the world US$450 billion in losses every year – the equivalent of 13 years worth of budget for all of world’s space programmes combined.
  • IoT (Internet of Things) devices are the new frontier. There are now more IoT devices than human beings on Earth. The danger though lies in the fact that most of them cannot be patched, and use common, standard passwords for easier manageability, but makes them easy to hack.[adrotate group=”2″]
  • SCADA industrial control systems are also vulnerable to cyberattacks. There are now cybercriminals that target the SCADA systems of manufacturing and transportation companies, as well as state-sponsored attacks and possible terrorist attacks.
  • Eugene Kaspersky skipped past the Elections and Government Services slide, probably due to the recent US Senate accusations. I made it a point to ask him about that controversy during the Q&A session though.
  • Cybersecurity of individuals and SMBs (small and medium businesses) are easy to solve, because you can purchase and install cybersecurity software that will handle the common cybersecurity threats.
  • Enterprises, however, are under the additional threat of professional, targeted attacks. In addition to end-point protection, they will need to be able to predict and detect cyberattacks, and respond quickly to those that are identified.

Eugene ends his presentation by opining that a lot of work needs to be done to secure the world from from cybercriminals, thanks to the prevalence of cyberspace in our lives.

Don’t forget to check out the other Kaspersky Palaeontology of Cybersecurity presentations!

Next Page > The Cyberspace – The Survival Guide Presentation Slides

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

Here is the complete set of Eugene Kaspersky’s presentation slides for his talk, Cyberspace – The Survival Guide for your perusal.

[adrotate group=”1″]

Don’t forget to check out the other Kaspersky Palaeontology of Cybersecurity presentations!

Go Back To > First PageArticles | Home

[adrotate group=”1″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

The Kaspersky Industrial CyberSecurity (KICS) Solution Revealed!

Kaspersky Lab just announced the Kaspersky Industrial CyberSecurity solution in Malaysia. Called KICS for short, it is a combination of Kaspersky’s services, technologies and intelligence designed to protect critical infrastructure and industrial facilities.

Cybersecurity of critical infrastructure and industrial facilities is of great importance, because of their importance to the stability and economy of the country. Malaysia, for example, is highly dependent on its industrial sector which contributes almost 37% of its GDP, and employs 36% of its labour force (in 2012).

Kaspersky Lab’s Andrey Suvorov and Vikram Kalkat flew in to talk to us about industrial cybersecurity and how Kaspersky Industrial CyberSecurity can help mitigate, if not reduce or eliminate, the risks of cyber attacks of critical infrastructure and facilities.

 

The Kaspersky Industrial CyberSecurity (KICS) Solution Revealed

Cyber-attacks on industrial control systems are on the rise. In 2016, 67% of information and operational technology managers say that their security risks are at a critical level. In this video, Vikram Kalkat (Senior Key Account Manager, KICS) explains the industrial cybersecurity landscape.

The Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team (ICS CERT) Report 2016 gives Malaysia a risk score of 15% . The scoring is determined by the observability mode, security assessment and exploit prevention. Malaysia is also a target for cyber-attacks, ranking 66th on the Kaspersky Lab Industrial Cyberthreats Real-Time Map.

The introduction of Kaspersky Industrial CyberSecurity (KICS) cannot come at a better time. The high degree of automation and use of information technologies in modern industrial facilities make them especially vulnerable to cyber attacks. Andrey Suvorov, Head of Critical Infrastructure Protection Business Development, Kaspersky Lab, explains how KICS can minimise the risks and effects of a cyber-attack on industrial control systems.

Unlike traditional corporate IT networks (where confidentiality is the top priority), industrial control systems (ICS) demand faultless continuity and consistency of the technological process. Strict regulation and compliance can lead to unprotected operating of critical facilities if the cybersecurity measures do not meet safety requirements.

Kaspersky Industrial CyberSecurity considers all these unique requirements and protects the ICS network at the layers most vulnerable to cyber-attacks – ICS/SCADA servers, HMI panels, engineering workstations, PLCs and more – securing them from cyber-threats without affecting operational continuity and consistency of the technological process.

Read more about KICS and how it detects and prevents threats in the next page!

Next Page > KICS Threat Detection & Prevention, Meeting Strict Industry Requirements

[adrotate banner=”5″]

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!

KICS Threat Detection & Prevention

Traditionally, ICS organizations are not well prepared or protected to withstand cyber security attacks. The design of ICS software and hardware is hard to call secure. To minimize the possibility of a cyber-attack, Industrial Control Systems (ICS) is supposed to be run in a physically isolated environment. However this is not always the case.

Historically, ICS operating team is not able to recognize social engineering attacks, recognize unsafe actions and become a solid stage of cyber security in their organizations. Of cause, their main task is to provide safe and reliable production process. On the other hand, the ICS organizations cannot afford significant investment into security workforce, since this is not a priority for them. The cyber security response plan may assume that some external organization is involved for incident coordination, analysis and response actions.

Kaspersky Industrial CyberSecurity offers a combination of conventional security technologies, adapted for an ICS environment, such as anti-malware protection, whitelisting and vulnerability assessment functionality. This strong foundation is further enhanced with unique technologies designed specifically for industrial environments, including integrity check for programmable logic controller (PLC)semantic monitoring of process control commands and telemetry data to detect cyber-attacks targeting the physical part of an infrastructure.

Kaspersky Industrial CyberSecurity also provides a special observability mode that focuses solely on the detection of cyber-attacks, operation personnel faults and anomalies inside an industrial network. All prevention and detection technologies are managed via a single centralized management console.

 

Meeting Strict Industry Requirements

The highly customizable settings of Kaspersky Industrial CyberSecurity mean it can be configured in strict accordance with the requirements of different industries, facilities and production lines, allowing the solution to be effectively integrated into an organization’s existing ICS network and technological processes without any significant modifications to the network or to the process. All of their technologies are tested by and certified with leading ICS vendors.

When Kaspersky Lab was developing KICS, there were some unique requirements they had to meet:

[adrotate banner=”4″]
  • Observability mode. Security solutions are deployed extremely carefully in critical industrial environments. Solutions should be able to monitor activity and detect threats, but leave the decision to block an attack up to the operator. Industrial systems rely on customized software, so even the potential conflict between a security solution and, let’s say, operations of a railway system cannot be allowed.
  • Security assessment. Critical infrastructure always works together with traditional IT, and the fact that different teams are usually responsible for security of those two entities is challenging. An independent look by security experts proficient in both industrial systems and general IT helps to identify potential weaknesses usually found at the meeting point between two systems. This is also true for any traditional IT infrastructure. In fact, the variety of endpoints, mobile devices, on-site servers and cloud services is no less complicated than a power plant.
  • Exploit prevention. Technologies designed to identify attacks using previously unknown vulnerabilities is one level above traditional anti-malware systems. As we learned from Stuxnet, critical infrastructure may be targeted with the most advanced cyber weapons. Unlike traditional malware, targeted and advanced attacks require special tools.

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participating in the Tech ARP Forums, or even donating to our fund. Any help you can render is greatly appreciated!