Back in July when Stuxnet first became public, I wrote in our Siemens PCS7 WinCC Malware White Paper and told anyone that would listen that Stuxnet was targeted at stealing intellectual property from process systems. The code we analyzed showed Stuxnet performing SQL database accesses and process information uploading to servers in Denmark and Malaysia, so this seemed like a sure answer.
Practical SCADA Security
Control System Security Threats, Security / Reliability Incidents, Useful Industrial Cyber Security Tips
Just about everyone who has ever commissioned an OPC Classic-based system has at least one horror story about how product X did the really strange and unexpected. And if you are in the security business like me, often the story is about how the particular product violated every reasonable security requirement known to man.
One of the best things about the whole Stuxnet worm fiasco is that it has brought one of the biggest security issues – the use and abuse of passwords – into focus. Currently most of the discussion has focused on Siemens’ unfortunate use of fixed default passwords in their products (for example, see Joe Weiss’ post on http://news.infracritical.com/pipermail/scadasec/2010-August/001756.html).
Last week I wrote about a malicious attack on an industrial control system (ICS) initiated by outsiders. This week I'll discuss a PLC accident caused by an insider, and suggest some possible solutions for both of these incidents.
We had a request recently from a reader to provide an example of a malicious attack by outsiders on a control system, how it was done, and what impact it had on the plant and the owner. This is surprisingly tough to do, because according to RISI the vast majority of security incidents are internal and/or accidental in nature. Additionally, people whose control systems have been hacked do not like to talk about it - why give attackers more info and ideas than they already have?
- ‹ newer posts
- 32 of 33
- older posts ›