Cybercrime: A threat to the chemical industry?

Writing malicious software for chemical plants probably requires too much effort to pay off financially. Nevertheless, control systems for industrial plants must be protected from unauthorized access from the Internet.

Since the discovery of the Stuxnet worm, a malicious program developed specifically for a Siemens system for monitoring and controlling technological processes (Supervisory Control and Data Acquisition, SCADA), it has been public knowledge that production control systems are under threat from the Internet. But there were earlier attacks on control systems in industrial plants. For example, in the winter of 2002/2003 strikers in Venezuela sabotaged industrial controls that were responsible for loading oil tankers. One of these attacks delayed the loading of tankers by up to eight hours.

These incidents are probably not the only ones. Why do we know so little about them? The companies concerned avoid publishing such events. On the one hand, they do not want to give attackers any more information; on the other, they fear damage to their image.

The attackers, for their part, try to avoid detection for as long as possible so that they can collect information and prepare the actual attack more effectively. Accordingly, they first attack the Windows computers connected to the process monitoring systems in order to suppress error messages.

Inadvertently connected?

Because more and more production data is needed for process optimization, more and more companies are connecting their control systems to their computer networks. This often happens without involving the information technology (IT) department and without taking security aspects into account. When asked about this, those responsible answer that the production systems are not connected to the Internet.

The production systems are indeed not directly connected to the Internet, but the enterprise networks are. A computer that is connected to both the Internet and the control system joins the two. To date, most of these systems use user IDs and passwords that are stored in the software itself and so are not easy to change. This information is generally known to many users or easy to find, and it grants administrative privileges. This makes it possible for malware to get into the control systems and take control of industrial plants.

It is not enough to separate the networks of the industrial facilities from the other business networks and to use only dedicated computer systems for control. For today's business processes, it is essential to integrate dynamic production data into other applications, such as manufacturing management and production control systems (Manufacturing Execution Systems, MES) or systems for production planning and enterprise resource planning (ERP). In addition, the human factor must be taken into account. In one case, for example, an employee had connected the control computer directly to the Internet via a separate cable in order to play online. The company had no idea and could not explain how it was possible to control the equipment remotely.

For maintenance purposes, external access is now often set up, as this can save the time-consuming visit of a technician. Investigations by anti-virus software manufacturers such as Symantec and Kaspersky have shown that such remote access frequently takes place without the participation of the company concerned. The access is permanently available to the external customer service, and even when the company actively supports the remote session, it sees only a fraction of the actions. In addition, companies need to ensure that the connection to the Internet is terminated.

There are numerous examples, and with the increasing use of private devices, new and potentially vulnerable bridges from the internal network to the Internet arise.
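The bridges described in this section can be looked for in an asset inventory by finding computers with interfaces in more than one network zone and chaining them into a path from the Internet to the control network. The following Python sketch is an added example, not part of the original article; the host names, addresses and zone plan are constructed, and treating any unlisted address as "internet" is an assumption.

```python
import ipaddress
from collections import deque

# Assumed zone plan (constructed): internal zone name -> CIDR.
ZONES = {"enterprise": "10.20.0.0/16", "scada": "192.168.100.0/24"}

# Constructed inventory: host -> addresses of all its network interfaces.
INVENTORY = {
    "office-pc-17": ["10.20.0.17"],
    "edge-proxy": ["203.0.113.10", "10.20.0.1"],     # Internet + enterprise
    "mes-server": ["10.20.0.50", "192.168.100.5"],   # enterprise + SCADA
    "plc-station": ["192.168.100.20"],
}

def zone_of(addr, zones):
    """Map an address to its zone; unlisted space counts as 'internet' (assumption)."""
    ip = ipaddress.ip_address(addr)
    for name, cidr in zones.items():
        if ip in ipaddress.ip_network(cidr):
            return name
    return "internet"

def bridges(inventory, zones):
    """Hosts with interfaces in more than one zone, i.e. computers that join networks."""
    found = {}
    for host, addrs in inventory.items():
        host_zones = {zone_of(a, zones) for a in addrs}
        if len(host_zones) > 1:
            found[host] = host_zones
    return found

def path_to_zone(inventory, zones, start="internet", target="scada"):
    """Breadth-first search over zones; returns the shortest chain of
    (host, from_zone, to_zone) hops linking start to target, or None."""
    links = bridges(inventory, zones)
    queue, seen = deque([(start, [])]), {start}
    while queue:
        zone, hops = queue.popleft()
        if zone == target:
            return hops
        for host in sorted(links):
            if zone in links[host]:
                for nxt in sorted(links[host] - seen):
                    seen.add(nxt)
                    queue.append((nxt, hops + [(host, zone, nxt)]))
    return None

if __name__ == "__main__":
    for hop in path_to_zone(INVENTORY, ZONES) or []:
        print("%s joins %s -> %s" % hop)
```

A result of `None` means the inventory shows no chain of multi-homed hosts between the two zones; it says nothing about interfaces that were never recorded, such as a privately added cable.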

How real is the threat?

Despite this accessibility, a great deal of specialized knowledge is required to actually gain dangerous access to the control systems. SCADA systems are often programmed for a specific installation, so mass production of corresponding malware is not an option.

Prefabricated program components do not exist, and programming SCADA systems requires knowledge of the production process. Against this background, chemical plants are certainly not an easy target for a cyber attack. On top of that, money can be made only by extorting the plant operator, not by the unauthorized remote control of chemical plants itself.

In addition, creating such malicious programs is expensive. Security experts estimate that 5 to 30 programmers were needed to program the Stuxnet worm. Its completion is likely to have taken about six months. Mass attacks and accidental damage are therefore unlikely.

However, the potential political and military advantage is high. A state would have tremendous potential if it controlled the infrastructure of another country.

A completely new kind of warfare, without soldiers, would be possible. There is also speculation that Israel and the U.S. drove the development of the Stuxnet worm. It could thus have been used to attack Iran's nuclear facilities.

The political benefits can be so high that they are worth the cost. The threat of exploding chemical plants or the disorderly shutdown of nuclear facilities is so great that the affected countries are vulnerable to blackmail.

Does secure information technology mean secure control systems?

Most users of industrial control systems today turn to IT security experts to protect their systems. But the priorities of IT are not the same as those of industrial plants. While most IT security experts deal first with the confidentiality of data, the focus in industrial facilities is on availability. The biggest difference is the complexity of large industrial plants.

Most security checks and audits focus on obvious threats and overlook hidden gaps and points of attack. This is due partly to the additional costs and partly to the tacit acceptance that complete security cannot be achieved.

In industrial plants, the entire development process and the data quality are assured. There are not enough experts to produce descriptions and reviews of information security that are this extensive.

Most IT systems are updated regularly, which allows vulnerabilities to be eliminated. SCADA systems usually remain in operation for years and are updated only rarely. This is also because of the possible consequences of changes to the control software: in the worst case they can stop production. Testing new features is also critical, because even a small mistake can have a devastating effect on the operation of the plant.

What can you do?

There are firewalls and access controls for SCADA networks. These can reduce unauthorized access to the control systems. Dedicated approvals for trusted applications further reduce unauthorized system changes. As a result, computationally intensive virus scans are largely unnecessary.

In any case, the control systems for production need to be protected more effectively against unauthorized access and changes. To this end, Siemens has now developed a new version of its control software that eliminates the vulnerability used by Stuxnet.

The main approach, though, has to be training the operators of the plants. It would be fatal to believe that obstacles such as firewalls make an attack on their control systems impossible.

Published by: siavash