Flow Control - Jan 2012
Is Stuxnet Dead A Look at Cyber Security and Industrial Control Systems I n July 2010 the computer worm known as Stuxnet was used to cripple centrifuges at a uranium enrichment facility in Iran shedding new light on the vulnerabilities of industrial control systems ICS Dubbed a super cyber weapon Stuxnet was the first malware to specifically target an industrial process opening up a range of questions about the security of critical processes such as water filtration chemical processing and power generation distribution systems Whether its a flowmeter or a temperature gauge this threat got very far into the control systems of the real world Gerry Egan a security response director at Symantec symantec com was quoted as saying in a September 2010 NPR npr org news report on the Iran cyber attack This attack was not about stealing information This attack was about physically doing things like turning a dial reading a sensor Stuxnet was designed to attack Siemens PCS7 S7 PLC and WinCC systems around the world And while it would seem to serve as a wake up call for industrial facilities the reaction to the potential threat and impact of this sophisticated malware was somewhat muted in many cases According to a survey by McAfee mcafee com and the Center for Strategic International Studies CSIS csis org of 200 critical infrastructure executives in 14 countries only 57 percent had performed special security audits after Stuxnet Only 32 percent of U S respondents said they performed an audit However 40 percent of those that did a security audit found Stuxnet in their systems Who Is at Risk Flow control comes into play in many industrial sectors that could be targeted or impacted by a cyber attack According to Joel Langill cyber security specialist trainer and founder of SCADAhacker com cyber security is important to any party who 1 has equipment that provides data to automation systems 2 depends on openstandards communication protocols and computing platforms or 3 is involved with equipment that could directly or indirectly result in the shutdown or disruption of physical processes such as oil gas pipelines water wastewater systems and transportation distribution facilities Cyber threats are all around us and one of the most dangerous threat vectors is from someone who has trusted access to the core of the automation systems and is capable of carrying malware that he she is unaware of Langill says Since our infrastructure is so closely integrated disruptions in what could be perceived as a non critical sector could have downstream or By Amy W Richardson upstream effects on more critical components Is Stuxnet Dead In the fast moving world of cyberspace some experts say Stuxnet is no longer itself a threat as much as the legacy it has left behind a roadmap for cyber war Stuxnet may be over as it contained many internal timers that caused it to cease operation on various dates Langill says However what is far from over is the fact that Stuxnet provided a blueprint of how malware can successfully penetrate even well designed automation system architectures The recent Duqu worm proved this point showing that many of the same cyber attack vectors used by Stuxnet in mid 2010 could still be used effectively in late 2011 Duqu was discovered in October 2011 Its intention is not to alter any functioning of industrial automation systems like Stuxnet but rather to collect sensitive information and send it to a remote server Langill says unless companies begin to approach security in a different manner than they have in the past the vectors used by Stuxnet will be very effective for some time to come It is also important to realize that various components of the Stuxnet worm have been made available in source code format making it easy for potential attackers to modify the code for a particular target he says Authors of Vacons White Paper On Industrial Automation Security In Fieldbus And Field Device Level December 2011 vacon com suggest that although the maturity of malware and the rate of occurrence in the industrial automation sector are still quite low attacks may become more frequent and severe in the future Potential scenarios cited include vandalism or sabotaging of industrial plants municipal services or critical infrastructure just for fun by everyday hackers or possibly the hijacking and or blackmailing of entire plants Two examples of what every day hackers could do occurred in November 2011 First hackers were originally believed to have obtained access to the control system of a water utility in Illinois and destroyed a pump used to pipe water to thousands of homes When it was officially disclosed by the U S Department of Homeland Securitys ICS CERT us cert gov organization that these attacks did not represent any real threat to the systems controlling critical infrastructure another hacker said to be outraged by this statement hacked a U S water utility This second attack did not cause any physical damage but it did successfully expose the internal control systems for a wastewater treatment news notes The Siemens PCS7 S7 Programmable Logic Controller PLC was the target of the 2010 Stuxnet worm attack In the wake of Stuxnet Siemens and other vendors have launched aggressive product development initiatives to introduce hardware and software solutions that can help prevent cyber attacks in the future 6 January 2012 Flow Control
You must have JavaScript enabled to view digital editions.
