Night Dragon Pilfers Oil & Gas Smart Grid
Night Dragon is the latest cyber security attack to join the ranks of uber-sophisticated Trojans like Stuxnet. It relies on one of the most common attack patterns: compromising external Web servers, then breaking into company intranets to gain access to internal servers and desktops. The tragic truth is that the oil and gas sector is poorly guarded against cyber security threats that could easily be prevented. For example, the Night Dragon incidents have shown that the energy industry has left too many doors open, letting invaders come in without any attempt at stealth.
From the Smart Grid Security Blog:
Speaking of logging and logging the user out, was the user ever authenticated in the first place? Did we log that event? Are the logs being monitored? Why was an unauthenticated user given access to a critical asset like the database? There are so many relatively simple mechanisms that would have prevented this attack that it makes me want to discuss security (or its complete lack) in the software development life cycle (SDLC).