Industrial Network Security by Jim Pinto

The computer worm Stuxnet was discovered in June 2010 in Iran. It was clearly aimed at Iran's nuclear program and wiped out about 20% of Iran's nuclear centrifuges. This delayed (though it didn't destroy) Iran's ability to make their first nuclear weapons.

The fast-spreading malicious computer program is a prime example of digital warfare and is the first to attack industrial systems. Unlike other cyber attacks, this malware did not stay invisible; it somehow turned up in other industrial processes around the world - India, Indonesia and other countries. If Iran was the primary target, perhaps these other locations were just prototype tests, or decoys.

The industrial cyber-attack trend continued strongly in 2011. Sophisticated threats with exotic names like Night Dragon, Duqu, and Nitro had been running for a year before they were discovered. These were designed to steal valuable information such as control systems and SCADA designs, trade secrets and business data.

Duqu malware used a lot of the same source code as Stuxnet; however, unlike Stuxnet, it stole information rather than attacked PLC systems. Nitro attacked 25 manufacturers of chemicals and advanced materials, collecting intellectual property for competitive advantage.

All of this means that bad guys increasingly know where to find holes in automation products; they are being spoon-fed the software to exploit the holes, and they have public examples of how to cover up their tracks.

There's plenty of help for companies that want to beef up their security. The National Institute of Standards and Technology has many documents and guidelines, and standards such as ISA 99 and IEC 62443 are the bedrock of many security systems.

In his Predictions for 2012, Industrial Security expert Eric Byres predicts that over 500 vulnerabilities in automation products will be disclosed by freelance researchers and half of the disclosures will include sample attack code.

Eric's second prediction is that the trend of stealthy industrial malware will continue. The problems will remain undetected for long periods of time and could only be detected after significant damage has occurred. <> There are two bottom lines for industrial systems, says Eric Byres. First, if you think your system has never been penetrated, you have not looked hard enough. Second, keeping malware out is impossible. The only way to avoid expensive business losses or production disruption is to start immediately to protect your system with defense-in-depth measures.

I like to e-hear from you and will ALWAYS respond.
Please e-send your news, views and stews, your tips and alerts.
If smell something fishy in your pond, please e-let Jim know and I'll check it out.

If you have comments or suggestions for Growth & Success News, please contact me directly at : Jim@JimPinto.com