22.07.2015 15:31

Cyber-attacks on Industrial Automation Systems are not new. Hackers have been probing, and in many cases, penetrating these systems for many years. Some of these attacks are similar to, or even identical to, the attacks used against corporate IT systems. 

In some cases, PC malware has infected industrial automation systems that were not specifically targeted. Existing IT security solutions can be used to protect against these attacks. 

More troubling are recent threats that specifically target industrial automation system. Kaspersky Labs recently reported a number of previously unpublicized attacks, malware and embedded surveillance tools, some of which were used against industrial automation systems. Other industry specific threats that have recently emerged include Havex and BlackEnergy

Industrial Automation Cyber Threat

Recent malware and cyber threats specifically targeting industrial automation systems illustrate weaknesses in the current cybersecurity solutions for industrial automation. These threats provided the ability to:

• Systematically penetrate and map air-gapped systems with malware riding USB drives to jump back and forth between air-gapped systems and the connected network; and then report data to a remote command and control system
• Operate “below the OS” at the firmware level, and discover  encryption keys, crack encryption algorithms, and remain hidden in place even through a complete operating system reinstall
• Replace hard-drive firmware to create a secret storage area on a hard disk that could even survive drive reformatting
• Specifically target ICS and SCADA systems
• Modify legitimate software installers to install and execute additional programs on computers
• Scan for ICS and SCADA protocols such as OPC to gather information and send it back to a Command and Control server for analysis
• Steal passwords and certificates

Read the entire article here - http://www.pddnet.com/articles/2015/07/embedded-cybersecurity-do-we-really-have-problem?

www.pddnet.com