Industrial Control Equipment May be Vulnerable to New Style of Attacks: Report

By Beecher Tuttle October 24, 2011

Security experts have been able to replicate quickly and inexpensively last year's high-profile attacks on computerized industrial control equipment in power plants in Iran – breaches that were known at the time as being so sophisticated they could only have been pulled off by a nation-state or a well-financed group of investors, according to the Associated Press.

The news could predict a new round of attacks on facilities that utilize electronic controller systems like the ones that were targeted by the Stuxnet worm in Iran.

In September of 2010, computer security company Symantec said that the Iran attacks "would not be easy for a normal group to put together," and would have to be initiated by individuals with intimate knowledge of industrial control systems.

But a year later, security researchers like Dillon Beresfordr have identified as many as a dozen vulnerabilities in the same kind of industry controllers as those used in Iran. What is worse, Beresfordr did it on his own in just two months, while investing only $20,000 in the project, says the AP.

"What all this is saying is you don't have to be a nation-state to do this stuff. That's very scary," Joe Weiss, an industrial control system expert, told the news source. "There's a perception barrier, and I think [Beresfordr] crashed that barrier."

The difficulty with mitigating attacks like those against Iran is that industrial controllers are very expensive and have large shelf-lives. This makes replacing the systems a major project for every company, government or facility that utilizes them.

Unfortunately, the AP references several examples of consulting firms that found multiple vulnerabilities in power plants, correctional facilities and other U.S.-based institutions that rely on industrial controllers.

Compounding the report is the fact that researchers have identified a new malicious program based on the infamous Stuxnet worm. Symantec – which discovered the malware, dubbed Duqu – said that it shares a lot of Stuxnet's code and compares equally in terms of sophistication.

“Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party,” the Symantec researchers said. “The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility."

So far, Duqu has only affected a few organizations in Europe, says Symantec.


Beecher Tuttle is a TechZone360 contributor. He has extensive experience writing and editing for print publications and online news websites. He has specialized in a variety of industries, including health care technology, politics and education. To read more of his articles, please visit his columnist page.

Edited by Rich Steeves

TechZone360 Contributor

SHARE THIS ARTICLE
Related Articles

Is 5G a Spectrum-eating Monster that Destroys Competition?

By: Fred Goldstein    6/15/2018

To hear the current FCC talk about it, 5G mobile service is the be-all and end-all of not only mobile communications, but the answer to most of the co…

Read More

FX Group Makes the Red Carpet Shoppable with Blockchain-Based mCart Marketplace-as-a-Service

By: TMCnet News    6/14/2018

mCart by Mavatar announces the launch of the world's first blockchain-based decentralized mCart marketplace by the FX Group.

Read More

Judge Gives AT&T-Time Warner Deal Green Light

By: Paula Bernier    6/12/2018

Federal judge Richard Leon gave the $85 billion deal the green light today - and without any requirements to sell off any parts of the company. He als…

Read More

A New Foundation for Evolving Blockchain As a Fundamental Network Technology

By: Arti Loftus    6/12/2018

There are now thousands of blockchains, and unless you are a cryptophile, you won't recognize most of them.

Read More