Today, our lives are heavily dependent on the digital infrastructure surrounding us. It is no wonder that the news of the first real attack on industrial control systems (here), the Stuxnet malware, spread through the media like wildfire. The news was pushed by a friend to my iPhone just hours after it was published.
This link provides a more in-depth description of the Stuxnet malware. It gets into a control network via ordinary USB drives. It targets a SCADA system from Siemens called Simatic WinCC, which runs on the Windows platform. Once a machine is infected, a Trojan detects whether the machine is running Siemens' Simatic WinCC software. It then uses a default password that is hard-coded into the software to access the control system's Microsoft SQL database.
Many security-related publications have expressed deep concerns about the potential damage that this type of malware can do. Just last year, in the so-called Aurora Project, researchers affiliated with the US government demonstrated how malicious instructions transmitted through the network can physically blow up a 27-ton power generator and cause profound damage. From here, it is easy for the security-minded to connect the dots.
SCADA systems, sensor networks, automated process control devices: there are more machine-to-machine systems than systems used by people like you and me. Securing machine-to-machine systems is a real challenge. In the case of Stuxnet, since the SCADA system is not on the internet, delivering timely security updates is not an easy task. In the case of the Aurora Project, the power generator was controlled by embedded systems with very limited computing power, too little to provide self-defences such as firewalling and anti-malware. The cost effectiveness and convenience offered by the internet provide a huge pull to webify machine-to-machine systems, so more security issues will arise in the future.
How do we protect our critical infrastructure against attacks such as the one demonstrated by the Aurora Project and the one realized by Stuxnet? First, access to machine-to-machine systems has to be tightly controlled. If possible, USB drives should be disabled or not provided at all. Second, a means of continuously updating the security defences at the whole-network level needs to be implemented, even if the network itself is not connected to the public internet. For example, Wedge BeSecure provides a way to update its security signatures once per hour in offline mode, a feature that was requested by infrastructure operators to stop the spread of malware such as Stuxnet in their private networks. Third, security policies need to be enforced at the application content level to block malicious instructions while allowing legitimate instructions through.
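The third point, enforcing policy on the content of control traffic rather than just on network addresses, is easiest to picture with a concrete filter. The example below is added here for illustration and is not code from the original post, from Siemens, or from Wedge Networks; the message fields (`source`, `target`, `op`, `tag`, `value`), the rule format, and the sample traffic are all constructed, not a real SCADA protocol. It implements a default-deny allowlist: a write to a controller is forwarded only if an explicit rule permits that sender, that operation, that point, and that value range.

```python
"""Added example (not the post's or any vendor's code): a default-deny,
content-level policy filter for control messages. The message format, the
rule format and the sample traffic are constructed for illustration."""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class ControlMessage:
    source: str                   # identity of the sender (e.g. an HMI station)
    target: str                   # the controller the message is addressed to
    op: str                       # "read" or "write"
    tag: str                      # process point name on the controller
    value: Optional[float] = None  # payload for writes; None for reads


@dataclass(frozen=True)
class Rule:
    """One allowlist entry; lo/hi are inclusive bounds applied to write values."""
    source: str
    target: str
    op: str
    tag: str
    lo: Optional[float] = None
    hi: Optional[float] = None

    def matches(self, msg: ControlMessage) -> bool:
        if (self.source, self.target, self.op, self.tag) != (
            msg.source, msg.target, msg.op, msg.tag
        ):
            return False
        if msg.op == "write":
            # A write must carry a value, and the value must stay inside the bounds.
            if msg.value is None:
                return False
            if self.lo is not None and msg.value < self.lo:
                return False
            if self.hi is not None and msg.value > self.hi:
                return False
        return True


# Constructed policy: only hmi-01 may talk to plc-turbine-1, and only as listed.
POLICY: List[Rule] = [
    Rule("hmi-01", "plc-turbine-1", "read", "rpm"),
    Rule("hmi-01", "plc-turbine-1", "write", "rpm_setpoint", lo=0.0, hi=3600.0),
    Rule("hmi-01", "plc-turbine-1", "write", "breaker", lo=0.0, hi=1.0),
]


def evaluate(policy: List[Rule], msg: ControlMessage) -> Tuple[bool, str]:
    """Default deny: a message passes only if some rule explicitly allows it."""
    if msg.op not in ("read", "write"):
        return False, f"unknown operation {msg.op!r}"
    for rule in policy:
        if rule.matches(msg):
            return True, "allowed by rule"
    # Distinguish 'who' from 'what' in the audit reason so operators can triage.
    if not any((r.source, r.target) == (msg.source, msg.target) for r in policy):
        return False, "no rule for this source/target pair"
    return False, "message content outside policy"


def filter_messages(policy: List[Rule], messages: List[ControlMessage]):
    """Split a batch into messages to forward and (message, reason) pairs to log."""
    forwarded, denied = [], []
    for msg in messages:
        ok, reason = evaluate(policy, msg)
        if ok:
            forwarded.append(msg)
        else:
            denied.append((msg, reason))
    return forwarded, denied


# Constructed sample traffic: two legitimate messages and three that must be blocked.
SAMPLE = [
    ControlMessage("hmi-01", "plc-turbine-1", "read", "rpm"),
    ControlMessage("hmi-01", "plc-turbine-1", "write", "rpm_setpoint", 3000.0),
    ControlMessage("hmi-01", "plc-turbine-1", "write", "rpm_setpoint", 9000.0),  # out of range
    ControlMessage("laptop-77", "plc-turbine-1", "write", "breaker", 0.0),       # unknown sender
    ControlMessage("hmi-01", "plc-turbine-1", "write", "breaker"),               # write without value
]

if __name__ == "__main__":
    fwd, den = filter_messages(POLICY, SAMPLE)
    print(f"forwarded {len(fwd)}, denied {len(den)}")
    for msg, reason in den:
        print(f"DENY {msg.source}->{msg.target} {msg.op} {msg.tag}={msg.value}: {reason}")
```

The point of the design is that the filter never has to recognise "bad" instructions; it only has to know what normal operation looks like, which is exactly what an operator of a fixed industrial process can write down. Denied messages are returned with a reason rather than silently dropped, so the same component that blocks an out-of-range setpoint also produces the audit trail an incident responder would want.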