More and more cryptocurrency mining initiatives are focusing their attention on using hydroelectric power. However, several of these plants around the world are connected to the public Internet. Anyone in the world can access these unauthenticated management interfaces. Assailants could inflict a lot of damage against Bitcoin mining operations by attacking the hydroelectric plants.
Hydroelectric Plants Need Better Protection
There are many critical infrastructure elements connected to the public Internet, even though there is no reason for them to be in this state. A study by Internet Wache of Berlin showed how over 100 systems could be accessed through unauthenticated login portals. Although all of the system operators have been informed regarding this threat, some of these warnings have fallen on deaf ears.
Interestingly enough, several hydroelectric power plants are on this list of accessible systems, albeit they are located in Germany and Italy. This may not impact Bitcoin mining operations in a significant manner, but it still a troublesome development. Accessing web applications controlling processes in these plants is certainly possible, even for those who have little special knowledge about how the plants operate.
Unfortunately, these issues are not new, as the vulnerabilities have been around for years now. Uncovering these systems takes a few hours of work, most of which is automated through a small script. Part of the reason as to why this is the case can be blamed on how these control systems are operated by engineers, rather than IT staff. Engineers do not always use strict computer security policies.
It goes without saying that accessing hydroelectric power plants should be a significant concern to everyone on the planet. Monitoring control systems, as well as pump management, can all be accessed through a public online interface. It would not be the first time one of these facilities is hacked, as a similar incident took place in Ukraine in 2015
Luckily, all of the four hydropower plants took the warning seriously and locked down their IT systems ever since the research was conducted. However, this begs the question as to how appealing these solutions can be for Bitcoin mining companies. If such a plant were to be hacked, it is impossible to determine what kind of damage could be done.
Image credit 1
If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.