In 2013, Iranian attackers were able to compromise the control system of a dam located in Rye Brook, New York. In this video, Mike Chapple explains the details surrounding the Bowman Dam breach.
(dramatic music) - [Mike] Rye Brook, New York is a small town located north of New York City that has less than 10,000 residents. The senior center runs a weekly Mahjong tournament and the library hosts classic movie Tuesdays. Rye Brook is hardly the type of place that you'd expect to be the epicenter of an international cybersecurity incident.
On the edge of town, a small stream named Blind Brook runs behind a title insurance company, a CVS, and a Chipotle, as it meanders its way around the town, before taking a four-mile trip to empty into the Long Island Sound. About 100 years ago, the community built a dam on Blind Brook to help control flooding. The Bowman Avenue Dam isn't a large dam. It's only about 20 feet tall and it sits beside an interstate where cars fly by without even noticing its presence.
But the Bowman Avenue Dam made national news in March 2016, when federal prosecutors announced the indictment of an Iranian hacker on charges of conducting a cyber attack against the dam's control system. The attacker managed to take control of the computer system which presumably was connected to the internet for remote management purposes. Fortunately this attack didn't have any serious, direct consequences. The attacker was simply able to monitor information on water levels and temperature and determine whether the dam was open or closed.
Under normal circumstances, the attacker's level of access would have permitted him to open and close the dam, potentially flooding nearby homes and businesses, but the village of Rye Brook was lucky. The gate control system had been disconnected before the attack during maintenance activity and was never reconnected. Now you might be wondering why we're talking about the Bowman Avenue Dam. The attacker didn't flood the town, and continues on as normal at Rye Brook. However, this attack tells us a few important things.
First, connecting devices to the Internet of Things poses risk. When we connect a control system to the internet, it makes it possible for an attacker to probe that system's security. Second, there are attackers out there who want to target these systems. In this case, an Iranian attacker spent time and energy breaking into the system and maintained control for at least 20 days. We'll probably never know why the attacker chose this dam. Perhaps it was a dry run for a larger scale attack in the future.
Or maybe the attacker confused the small Bowman Avenue Dam in New York, with the much larger Arthur R. Bowman Dam in Oregon. But it really doesn't matter why the attacker targeted the Bowman Avenue Dam in Rye Brook. The reality is that he did target that dam, and this attack illustrates for us the very real threat against our physical infrastructure.
Updated: 6/10/2019
Released: 10/8/2018
Skill Level: Intermediate
Video: The Bowman Dam breach