In the opening scenes of Blackhat, a mysterious hacker inserts malicious code into the computers running the cooling tanks at a Chinese nuclear plant. Pumps running water through these tanks — water that serves to siphon the heat off radioactive nuclear rods — soon malfunction. They spin until they snap. The resulting partial meltdown causes a gas explosion and fatal fallout. But that’s just a movie.
It sort of just happened for real.
As WIRED reports, a cyberattack has now caused the second confirmed instance of physical damage. Hackers struck an unmanned German steel mill [PDF], but Germanyâs Federal Office for Information Security isn’t sure when. What is clear is that the hackers gained access to the mill’s control systems through their business network. Then one of the blast furnaces wouldn’t shut down. There was âmassiveâ damage.
The only other time that a hack caused confirmed physical damage is Stuxnet — a digital weapon that the US and Israel unleashed upon the uranium-enriching centrifuges of Iran. The centrifuges were sabotaged while Stuxnet ran undetected by the Iranians for maybe two years.
And according to the same report, Blackhat and the steel mill hack have even more in common. Later on the in film, Chris Hemsworth’s character needs access to a protected government website. But he doesn’t have the password. To get it, he sends what appears to be a legitimate email to the government official who does have it. The official downloads a PDF that is actually a key-logger, and then Hemsworth simply reads the keystrokes as the official changes his password.
What Hemsworth did was initiate a “spear-phishing” attack, or an email that looks like it’s from a trusted source containing an attachment with malicious code. Once they were successful, the hackers worked their way through the mill’s systems until they were in control of the industrial equipment.
Like the shady world of anonymous hackers Blackhat features, there are still more questions than answers. Kim Zetter at WIRED writes that “the report doesnât name the plant or indicate when the breach first occurred or how long the hackers were in the network before the destruction occurred. Itâs also unclear if the attackers intended to cause the physical destruction or if this was simply collateral damage.”
—
For more on the real-life Blackhat hacking, check out the most recent episode of The Dan Cave!