
Steel Mills and the Security of Critical Infrastructure


In late December, the German government issued a report about a cyber attack on a steel mill that resulted in significant damage to that facility. The attack has received extensive publicity since then, from the BBC to YouTube, including a detailed analysis of the attack by SANS. Many of these reports, such as the one from Wired, call this the “second confirmed case in which a wholly digital attack caused physical destruction of equipment,” the first being Stuxnet.


(Image from a YouTube video posted by Johnny Adams on the report of a German steel mill cyberattack)

The visibility into the risk of cyber attacks that this incident provides is valuable, a warning that targeted attacks against the Internet of Things (IoT) in general and critical infrastructure in particular need to be taken seriously. But the disproportionate attention to this attack, perhaps because of the dramatic value of a blast furnace explosion, also risks distracting us from the implications of other actual and potential attacks that have occurred recently. I touched on a number of these attacks in my August 2014 blog on “(In)Security of the IoT,” my June 2014 blog on “The Dragonfly Attack,” and in my February 2014 blog on “Rogue Refrigerators.”

The BlackEnergy attacks, for example, reported on by ICS-CERT in October 2014 and again in December 2014, received less attention in the press but represented a much more fundamental attack on critical infrastructure. The attack focused on infecting Human Machine Interface components from a number of vendors. Like the attack on US natural gas infrastructure reported by US-CERT in 2013, BlackEnergy represents a broad initiative against industrial capabilities, much more serious than the single attack on a steel mill. The ICS-CERT report on equipment failure at an Illinois water plant also showed the importance of equipment failures and insider error (and insider attacks) when considering the security of critical infrastructure.

Much of the response both to the steel mill attack and to BlackEnergy focused on the risks related to connecting critical infrastructure to the web. But as the range of attacks against critical infrastructure has indicated, attacks can leverage many other equally powerful approaches, such as infecting supplier components, direct attacks by insiders and, like Stuxnet, transfer of malware by operators and administrators. Our strategies for defending against cyber attacks have to take into account all of these risks, not just those related to connecting critical infrastructure to the Internet. That strategy has to start from an assumption that compromise-caused failures will occur, just like the series of faults that resulted in the explosion of the Miami electric power substation in 1993.


(Image from a video posted by YouTube user gobo760 about a substation explosion)

We certainly need to put in place defensive mechanisms that are as effective as possible. But we also need to embrace a strategy of visibility, analysis and action that will enable us to respond to all the compromises of critical infrastructure – whether inadvertent or intentional – that will inevitably occur.

The post Steel Mills and the Security of Critical Infrastructure appeared first on Speaking of Security - The RSA Blog and Podcast.

