AOH :: ISNQ6995.HTM

Stuxnet Attack Exposes Inherent Problems In Power Grid Security

Stuxnet Attack Exposes Inherent Problems In Power Grid Security
Stuxnet Attack Exposes Inherent Problems In Power Grid Security


http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=227500817 

By Kelly Jackson Higgins
DarkReading
Sept 27, 2010 

While the Stuxnet worm attack has raised the bar for targeted attacks on 
the critical infrastructure, it's not the first time the power grid has 
been in the bull's eye. Attacks against these systems are actually quite 
common -- it's just that they are mostly kept under wraps and rarely 
face public scrutiny like Stuxnet has.

Nearly 60 percent of critical infrastructure providers worldwide, 
including oil and gas, electric, and telecommunications, say they have 
been targeted by "representatives" of foreign governments, according to 
a study published earlier this year by The Center for Strategic and 
International Studies and commissioned by McAfee. More than half of the 
respondents had experienced a targeted, stealthy attack akin to the 
Aurora attacks that hit Google, Adobe, and nearly 30 other companies 
earlier this year. In addition, nearly 90 percent of the respondents 
said their networks had been infected with malware, and more than 70 
percent had been hit with low-level DDoS attacks and vandalism, insider 
threats, leakage of sensitive data, and phishing or pharming.

As reported last week, Stuxnet has shed light on just how vulnerable 
their control systems really are, and as the first known malware attack 
to target power plant and factory floor systems, it has been a wake-up 
call for the potential damage that could be inflicted on a power plant 
and the potential consequences to the physical world. Though no one 
knows for sure who created and launched it (speculation has pointed to 
nation-state sponsorship) or what the endgame really was, the 
concentration of infections has mostly been in Iran and India. Nearly 60 
percent of Stuxnet infections were located in Iran, according to 
Symantec.

Speculation that the worm was specifically gunning for Iran's nuclear 
power plant gained a bit more traction in the past couple of days: 
Iran's official news agency reported over the weekend that Stuxnet had 
infected employee machines at the plant, according to an AP report. And 
some 30,000 IP addresses had been across Iran, according to other 
reports.

[...]


_______________________________________________________      
Subscribe to InfoSec News - www.infosecnews.org 
http://www.infosecnews.org/mailman/listinfo/isn

Site design & layout copyright © 1986- CodeGods