Hackers destroy blast furnace in German steel mill

by
in security on (#2WPR)
A recent report by Germany's Federal Office for Information Security reveals that hackers caused "massive" damage to an unnamed steel mill. They did so by manipulating and disrupting control systems to such a degree that a blast furnace could not be properly shut down. The report doesn't name the plant or indicate when the breach occurred.

This is only the second confirmed case in which a wholly digital attack caused physical destruction of equipment. The first case, of course, was Stuxnet, the sophisticated digital weapon the U.S. and Israel launched against control systems in Iran in 2008 to sabotage centrifuges at a uranium enrichment plant. Industrial control systems have been found to be rife with vulnerabilities, though they manage critical systems in the electric grid, in water treatment plants and chemical facilities and even in hospitals and financial networks.

Re: I Understand (Score: 1)

by evilviper@pipedot.org on 2015-01-13 21:49 (#2WPZ)

You didn't read the article. The SCADA systems were on a different, firewall controlled network. That is not nearly enough to keep attackers out, for many reasons. The article explains the only sure way is an air gap... With ANY internet access at all, no matter how indirect, compromise is possible. An extreme example might be a DNS exploit, where any system on the control network only tried resolving a host name... Commands can similarly be relayed and data proxied over DNS.

Actually, I'd say an air gap is overrated though... The JC Penny breach wasn't over the internet, but instead required physical proximity as they broke-in over the WiFi network. Similarly, critical control systems need to be hardened against someone connecting a device with remote access capabilities... That could be a small WiFi router hidden somewhere, a cell phone connected to the network, a dial-up modem connected to a router, etc. Any one of those leaves an air-gapped network open to exploitation from outside attackers. You could insert a WiFi chip into a non-threatening looking USB mouse, and just leave it some place such a thing might have been accidentally dropped, and watch as it eventually gets connected, giving you a backdoor to an air-gapped network.

And don't forget Stuxnet... Completely air-gapped network, with tremendous physical security and paranoia. Still got penetrated by a worm on a USB thumb drive... which is how air-gapped networks get updates into their networks.

There simply is no easy answer to the problem.
Post Comment
Subject
Comment
Captcha
What is Lisa's name?