Confirmation has been issued that just prior to the holidays, a devastating cyber security attack was launched on an unidentified German steel manufacturing facility. The hackers achieved their goal of major disruption to the critical infrastructure by cleverly manipulating the mill's industrial control systems to the extent that it became impossible to shut down the powerful blast furnace. This breach resulted in massive infrastructure damage. Though few details are available regarding this incident, it isn’t difficult to imagine a similar cyber incident happening again.

In fact, the breach mentioned above is the second documented case of hackers causing damage to physical systems and property. The first was the use of Stuxnet at the nuclear complex in Natanz, Iran, about 150 miles south of Tehran. The destructive activity had been taking place for over a year before being discovered [1].

Now organizations such as the NSA are speculating that these attacks are influencing retaliatory measures, and others in the cyber security community have stated that the malware itself has spread well beyond its intended target. Seemingly related malware such as Flame and Duqu has cropped up in the wake of the initial Stuxnet incident. Researchers claim there are similarities in the code between these instances [2].

Security Alert

According to an information security alert released by the US Department of Homeland Security's Industrial Control System Cyber Emergency Response Team (ICS-CERT), there are infrastructure threats that require increased attention, surveillance, and protection. Since 2012 there has been an increase in hackers targeting popular human-machine interfaces (HMIs) of industrial control systems with malware specifically designed as a variant of the BlackEnergy malware toolkit. This malware is designed to target and infect HMI systems with a direct Internet connection [3].

The implications of these developments are dangerous and far-reaching, since they could easily affect major systems and critical infrastructure, including energy production, nuclear power plants, transportation, and public water systems.

To use a nuclear power plant as just one example, an attack on New York's Indian Point Plant, a three-unit nuclear power plant station located near the Hudson River in Buchanan, New York, would be as bad as or worse than the 2011 Japanese Fukushima Daiichi nuclear disaster.

If this situation could affect your organization, think about the following:

  • Could your firm survive this type of attack?
  • What protections do you have in place?

Getting Help from the Inside

The CimTrak file integrity monitoring suite aids your IT department by protecting critical industrial control systems such as HMI and SCADA as well as critical network infrastructure. Because seconds count when it comes to knowing about a breach, CimTrak continuously monitors your control systems, making it possible to detect and identify a potential intrusion as well as alert required personnel instantly. 

What’s more, CimTrak’s security dashboard also allows for easy “at-a-glance” surveillance of an organization’s status. The dashboard is accessible from any connected device and can be customized for each user’s needs. As an alternative to expensive solutions such as Tripwire, CimTrak provides users with robust IT security monitoring, without the budget-busting price. Get in contact for a demonstration, to find out how to put these cutting-edge tools in place at your facility, and to learn why organizations across the globe rely on CimTrak to protect their critical IT assets.

References:

[1] http://www.wired.com/2015/01/german-steel-mill-hack-destruction/

[2] http://www.kaspersky.com/about/news/virus/2012/Resource_207_Kaspersky_Lab_Research_Proves_that_Stuxnet_and_Flame_Developers_are_Connected

[3] http://www.eetimes.com/document.asp?doc_id=1324496


Post by Jacqueline von Ogden
February 12, 2015
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".

About Cimcor

Cimcor’s File Integrity Monitoring solution, CimTrak, helps enterprise IT and security teams secure critical assets and simplify compliance. Easily identify, prohibit, and remediate unknown or unauthorized changes in real time.