Computerworld - Last week's disclosure of a sophisticated malware program targeting control system software from Siemens AG has renewed long-standing concerns about whether the U.S power grid can withstand targeted cyberattacks.
The malware program, called Stuxnet, is designed to exploit a Windows Zero Day flaw to find and steal industrial data from Supervisory Control And Data Acquisition (SCADA) systems running Siemens' Simatic WinCC or PCS 7 software.
Stuxnet is the first publicly-known malicious software program written specifically to exploit vulnerabilities in a SCADA system.
"It could be a proof-of-concept to show control systems can be attacked" in a deliberate fashion, said Eric Knapp, director of critical infrastructure markets at NitroSecurity Inc. a Portsmouth, N.H.-based security vendor.
SCADA systems are used to control critical equipment at power companies, manufacturing facilities, water treatment plants and nuclear power operations. Typically, the systems run on segmented networks that are not directly connected to the Internet, making them external access difficult.
But analysts for long have warned that SCADA systems -- especially older ones -- have several exploitable vulnerabilities.
One example was demonstrated by researchers at the Idaho National Laboratory three years ago. In a dramatic experiment, codenamed Aurora, researchers there demonstrated how a hacker could simply use a dial-up modem to exploit a SCADA vulnerability that could physically destroy a massive power turbine.
The potential for such attacks has risen sharply in recent years as many SCADA systems, including those at some very large public power companies, are increasingly integrated with networks with direct links to the Internet. In a high-profile story last year, the Wall Street Journal reported that cyberspies in Russia, China and other countries had already taken advantage of such vulnerabilities to deeply penetrate the U.S electrical grid.
The Stuxnet program appears to have been created for industrial theft more than anything else, Knapp said. However, he added, the Trojan could just as easily have been designed to sabotage a SCADA system. In fact, it is quite possible that the creators of the worm may have more tricks up their sleeve, he said
Ryan Permeh, manager of product security at McAfee, noted that the Stuxnet development effort was likely quite time-consuming, making the goal of the developers especially worrisome. In addition, he said that the malicious code was digitally signed using valid digital certificates, which allows Stuxnet to evade security software.
The digital certificates used in Stuxnet were originally issued to two companies based in Taiwan. Permeh said the creators of Stuxnet had to either directly steal the certificates from the companies or purchase from someone else that had previously stolen the certificates. The cost for such certificates can reach as high as $500,000 in such an underground market, Permeh added.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
