Industrial systems address security only partially, relying mostly on “isolated” networks and controlled-access environments. Monitoring and control systems such as SCADA/DCS, which are responsible for managing critical infrastructures, operate in these environments, where security assumptions are usually made that create a false sense of security.
But the Stuxnet worm attack widely demonstrated in mid-2010 that many of the security assumptions made about the operating environment, technological capabilities and potential threat risk analysis are far from the reality and the challenges that modern industrial systems face.
This paper describes an investigation into the highly sophisticated aspects of Stuxnet and the impact that it may have on existing security considerations, and poses some thoughts on next-generation SCADA/DCS systems from a security perspective.
The problem is not only that Stuxnet successfully demonstrated the feasibility of a very targeted and highly sophisticated cyber warfare attack.
It is also important to note that Stuxnet’s design and architecture is not domain-specific and can be used as a tool for Advanced Persistent Threats (APTs; http://en.wikipedia.org/wiki/Advanced_Persistent_Threat) such as Operation Shady RAT (http://en.wikipedia.org/wiki/Operation_Shady_RAT). Hence, with some modifications, it could be tailored as a platform for attacking other systems, e.g. in automobiles or power plants. Its highly sophisticated actions may prevent detection until it is too late.
In the hands of criminally inclined groups it may be a very effective cyber weapon with significant impact.
The fear that we may have seen only a successful capability demonstration in 2010 is strengthened by the distribution of modern SCADA and PLC systems around the world, the majority of which rely on Europe, Japan and the US.