An unknown number of attackers knowledgeable in IT security and industrial control systems (ICS) processes caused massive damage to a German steel plant in 2014. The incident has been confirmed by the Federal Office for Information Security (BSI) of the German government in an IT security report.
The attack, which appeared to specifically target operators of industrial plants, caused components of the plant controls to fail, resulting in an unregulated furnace, which then caused physical damage to the steel plant.
The individual or group responsible for the attack was able to infiltrate the system using spear phishing and social engineering techniques. These two methods are proven ways by which threat actors lure their victims using emails or social media links that appear to come from a legitimate source but can actually introduce threats that let attackers get inside the network.
A number of news reports have dubbed this the second cyber attack to ever cause physical damage since the highly sophisticated Stuxnet malware wreaked havoc on the Natanz uranium enrichment plant in Iran. However, attacks affecting real-world operations of facilities have been ongoing but may remain unreported by the affected organizations. As such, the German steel plant attack is more accurately the second since Stuxnet that had physical impact and was confirmed by a legitimate government source. A Stuxnet review in 2010 also included notes on the Slammer worm that hit a nuclear facility in Ohio and the DOWNAD/Conficker worm that caused malfunctions in a number of high-profile institutions.
“Despite several documented security issues in relation to SCADA devices, little has been achieved in the past 10 years to help secure them. SCADA deployment has consistently risen. Lack of information security implementation and advancements in SCADA technology have dramatically increased security risks worldwide with likely far-reaching consequences,” explains Trend Micro Forward-Looking Threat researcher and SCADA systems expert Kyle Wilhoit in a research paper.
Protecting your SCADA environment may seem like a daunting task. Wilhoit suggests that organizations start with the following basic configurations to improve the security of SCADA devices:
Visit the Threat Intelligence Center for more on ICS and SCADA systems and industrial cyber security.