A federal investigation into the hacking of a New York dam's computer system revealed that the Iranian man responsible for the attack used an available Google search process to identify the flawed system.
The process, known as “Google dorking”, can be done by anyone with a computer and Internet access, along with a few additional special techniques. The Feds also indicated that hackers were widely using the process to find which computers in the US had vulnerabilities.
The Iranian man accused of the offense, Hamid Firoozi, was charged on Thursday. People briefed on the investigation said that Firoozi had accidentally stumbled onto the Bowman Avenue Dam in Rye Brook, N.Y. He used the technique to identify an unprotected computer that controlled the dam’s sluice gates and other functions. After identifying the dam, he allegedly used other methods to hack his way in.
One person from the investigation said, “He was just trolling around and Google dorked his way onto the dam.”
Google dorking is a search technique that has been around for almost ten years and, according to cyber security experts, is neither illegal nor malicious. Michael Bazzell, a former computer crime investigator for the FBI, said the technique was widely and commonly used by ‘white hat hackers,’ people who check an organization’s servers or company computers for vulnerabilities. Mr. Bazzell said, “You can look for hardware online that you can access without a password, or for a particular type of login portal. It’s very effective.”
The Justice Department accused six other Iranians, together with Mr. Firoozi, of attacking the US financial system. This was the first public indictment against people tied to the Iranian government. The seven defendants worked for two privately owned computer security companies. The companies did some work for the Iranian government, including the Islamic Revolutionary Guard Corps, Iran’s elite military force.
The defendants, however, are in Iran. They can be arrested if they leave their country. Neither they nor their lawyers could be reached for comment.
At the time, the attack on the dam sparked concerns that reached as far as the White House. The primary concern was that hackers had started targeting US infrastructure. US Attorney Preet Bharara said, “The infiltration of the Bowman Avenue Dam represents a frightening new frontier for cybercrime.”
The FBI and the Department of Homeland Security warned the public and security organizations of vulnerabilities that resulted from dorking. Mr. Bazzell said that it was a company’s duty to protect its systems and make sure Google had no access to data it didn’t want in the open.