Tilting It Sideways

Trying to track down the origins of an Internet meme can be an almost fruitless endeavor. Other than giving credit to its originator and perhaps giving them a few minutes of Internet fame there really isn’t a lot at stake by determining who was the kid in the success.gif or what meme Laina Morris is responsible for. Finding the origin of a story involving the breach of critical infrastructure however, can be rather important.

Like funny Internet memes, stories about compromises of water plants, steel factories, power companies or other systems controlled by SCADA or ICS can be repeated over and over until they are accepted as facts with no one questioning their authenticity. Previous events such as power outages in Brazil, a water pump failure in Illinois, the improper shut down of a blast furnace at a German steel mill, a pipeline explosion in Turkey were all originally attributed to cyber attacks. In fact cyber attacks were blamed in almost all cases not because there was any actual evidence but rather the lack of any other explanation. Since nothing else could have caused the problem it must have been those meddling hackers.

I recently heard of a new incident that seems to fall into this same scenario. The story claims that hackers broke into the control system of a floating oil rig off the coast of Africa, somehow messed with the ballast control and caused the rig to tilt. The rig had to be taken offline while the systems were cleaned up. As with most of these types of stories no supporting information is given. No actual dates, no name of the oil rig or its owner, even the location in this story is vague, ‘off the coast of Africa’, an entire continent.

Continue reading