CG1012_Mail
CG1012_Mail
CG1012_Mail
CG1012_Mail
CG1012_Mail

Smart Manufacturing; Virus Protection

Dec. 6, 2010
Our Readers React to Our Article About Smart Manufacturing and Explain Why Stuxnet Happens and Why Everybody Is Vulnerable

Nailing Smart Manufactuing

Thanks for your superb article on smart manufacturing. You have hit the nail on the head.

Steve Fewell
E&I tech, Graphics Packing,
Middletown Ohio

The Stuxnet virus continues to generate a lot of discussion on our blogs. The following are reactions to Walt Boyes' Soundoff post on Oct. 28, "Who's Vulnerable?" (http://tinyurl.com/28w7lnx).

Why Did Stuxnet Happen?

Let's assume for the sake of argument that the attackers were either the United States or Israel, and that the target was the uranium enrichment facility in Iran. It is likely that neither were willing to expend the political capital or the backlash of a direct military attack. There was no physical access. This is why the cyber attack became likely. Other avenues of action were not nearly as practical.  

That is not the case for most utilities in Western countries. Physical attacks are very practical. What if the guy who took an axe to the UPS at Cal ISO had coordinated with a companion at the backup site? What if someone coordinated attacks against a few very large transmission lines? 

The things that should keep us up at night are all threats, not just the cyber threats. Also, many hackers may be reluctant to write viruses against common ICS hardware because they know that their attack will spread and may very well blow back upon them. People like their running water, heating and electricity. It's funny when it happens to someone else; it's not so funny when the attack is traced back to you, and, oh, by the way, it spreads well past the intended target and affects your utilities, too. 

Yes, everyone is vulnerable. And that may be the one reason why very few hackers have invested much effort in writing a virus that would take down the power in their neighborhood. 

Submitted by ab3a on Friday, Nov. 5, 2010. 

Everybody Is Vulnerable

Two things. First, Coyle's following observation [P. J. Coyle, Chemical Security News blog at http://tinyurl.com/2bp3wn5]  should be read three times by everyone:

"The comments that it must have been a nation-state attack on a politically motivated target just reinforces the perception that most domestic industries don't have to worry about such a sophisticated attack against their own facilities because they've done nothing to attract the ire of the United States, Israel or any other computer-savvy country."

This is a notion that I predicted early; it was the premier reason why I did not answer interview requests [at the ACS Conference, Sept. 20-23, 2010]. The media was focusing on the cyber-war aspect of Stuxnet, while we in the community were concerned about the broader issue of easy copycats. Joe [Weiss, principal at ACS] will remember this vividly because he acted involuntarily as my press agent. It happened anyway. Everybody willing to argue risk away will find a reason for it. "A nation-state won't attack us, so we'll keep doing nothing."

I agree with Walt that everybody is vulnerable. Coyle approaches the issue from the threat side, focusing on targeted attacks, like cyber-terrorism. After Stuxnet, this has become much more realistic, because terrorists, as any other would-be attacker does, have learned that the key issue in a cyber-attack against an air-gapped facility is to get thumb drives into it. Let's assume you have any insider in the target with no technical knowledge, but the ability to plug a thumb drive into any system attached to the PCN. You're in business. Average hackers will write malware that attacks controllers,without any interest to hit a specific target. Just see how much damage you can cause—the more, the better.

Submitted by Ralph Langner on Friday, Oct. 29, 2010.