Damage to German Factory Shows Danger of ICS Hacks
An attack against a steel manufacturing plant resulted in significant damage, underscoring the increasing danger to operational networks.
A German steel factory suffered a major cyber-attack, causing physical damage to the plant's systems, according to a report published this week, which underscored that industrial-control networks need to be better secured against online attackers, experts said.
The attack resulted in "massive damage" to the physical systems; a number of "system breakdowns resulted in an incident where a furnace could not be shut down in the regular way and the furnace was in an undefined condition," according to a translation of a report released by the German government.
The attackers used social engineering to gain access to the office networks at the steel firm, by sending crafted email messages to administrators. The attackers then used their beachhead in the IT network to compromise the operational network.
The attack shows that those responsible for utilities, industrial manufacturing plants and critical infrastructure need to take cyber-security more seriously, Carl Wright, general manager for security firm TrapX, told eWEEK.
"It is a sector where there has not been a lot of security investment—in the protocols or in the devices—because they have historically been closed systems," Wright said. "But now, for convenience and for interconnecting a variety of data collection purposes, the manufacturing network is now connected to the corporate network."
The report—published by the Bundesamt für Sicherheit in der Informationstechnik (BSI), the German Federal Office for Information Security—stated that the attackers had both IT security expertise and knowledge of industrial control systems (ICSes).
While security researchers have pointed out an increasing number of vulnerabilities in ICSes, documented attacks that result in actual damage are rare. The U.S. Industrial Control System Computer Emergency Readiness Team (ICS-CERT) has documented many attacks on utilities and manufacturing firms, but only the Stuxnet attack is known to have caused damage, Robert M. Lee, co-founder of Dragos Security, said in an analysis of the reported incident.