As attacks on SCADA systems by the Stuxnet virus increase, Norman Data Defense urges automation specialists to review the security of their control systems, as many will not currently be protected.
There is no doubt that criminals, hackers and virus distributors have SCADA systems in their sights. And, according to a leading data defence specialist, this is just one illustration of how much the manufacturing, engineering and infrastructure industries are at risk.
David Robinson, UK and Ireland country manager for Norman Data Defense Systems, says: "Large organisations are at risk as much as smaller companies. Recent attacks on their control systems show just how 'at risk' these and many other organisations that operate these systems are."
The recent security breach of a major automation company was reportedly caused by the Stuxnet virus being carried on a USB memory stick. This new type of virus has a boot file built in; this activates as soon as the memory stick is powered up on insertion into a USB port. But, warns Robinson, who has fifteen years' experience working on SCADA and plant intelligence software with companies such as Mitsubishi, Rockwell and Intellution, "it is not just memory sticks that are putting these systems at risk. These days anyone with a laptop or a device that connects remotely to a wireless network inside a company's firewall is putting that company at risk. It will just be a matter of time before Stuxnet is evolved to wreak havoc on control systems and any other system that the user connects to if their laptop or portable device is infected."
Staff less cautious at work
Norman Data Defense recently carried out research among ordinary workers and found that over half of people surveyed are more cautious with security issues when using their own PC/laptop than they are with their work one. And over three-quarters of people would expect a pop-up to appear on their screen to alert them to a breach of security, which, of course, is not always going to happen.
Microsoft has issued patches to help users on Windows systems to protect themselves against Stuxnet, but, warns Robinson: "My fear is that, with patch management protocols rarely in place in a control system environment, these warnings will go unheeded."
Automation specialists should not think that they can rely on security patches from Microsoft or, indeed, other suppliers of operating systems, as many industrial processes use legacy controls that run on operating systems that are no longer supported.
David Robinson offers the following message to industry:
- Do not ignore the threat (as many businesses have found to their cost, the threat is real)
- Be proactive (it is far cheaper than being reactive after a security breach has occurred)
- Get secure now (do not be put off by people who say solutions are not available for legacy systems, because they are available)
- The cost to a business can be substantial if a security breach occurs and causes unplanned downtime
- Always install software patches
Norman describes itself as a world leader and pioneer in proactive content security solutions and forensics malware tools. The company offers malware analysers, network security and endpoint protection systems to meet customers' security needs.