Iranian hacker allegedly used Google to hack dam

An Iranian hacker used publicly available features on Google to access systems controlling a New York dam, according to federal officials quoted over the weekend.

The hacker, Hamid Firoozi, used a process called “Google dorking” to gain access to the Bowman Avenue Dam in Rye Brook, N.Y., in 2013, said law enforcement officials quoted by the Wall Street Journal. Though it happened years ago, the incident came to light in 2015.

The process involves using Google’s advanced search function to narrow search parameters so that a query surfaces confidential information that wouldn’t be displayed in a normal search. That information can include usernames, passwords and other account details that can serve as “backdoors” into systems. Firoozi allegedly used the function for months in an effort to breach vulnerable industrial control systems in the United States.

The Department of Homeland Security and Federal Bureau of Investigation warned public safety and security organizations about the technique as long ago as 2014. “Malicious cyberactors are using advanced search techniques, referred to as ‘Google dorking,’ to locate information that organizations may not have intended to be discoverable by the public or to find website vulnerabilities for use in subsequent cyberattacks,” said an intelligence document issued by the agencies.

The Justice Department last week indicted seven Iranian hackers on charges of attacking U.S. financial institutions and the Bowman Avenue Dam. All seven of those charged worked for private companies tied to Iran’s Islamic Revolutionary Guard Corps.