Stuxnet report III: Worm selects site
Now it is time to turn the table and ask “How might this target protect itself from a worm like Stuxnet?”
Stuxnet’s goal from Day One was to destroy a specific industrial process. Earlier in this series we looked at the Swiss Army Knife of techniques that Stuxnet had to carry out the attack. Now it is time to turn the table and ask “How might this target protect itself from a worm like Stuxnet?”
To answer that question, we invented a hypothetical site that is the worm’s target. Then we assumed the site is following all the guidance provided for “high security” sites in Siemens’ “Security Concept PCS 7 and WinCC – Basic Document.” In other words, a site using every recommended state-of-practice technology and procedure to protect itself.
Read the full-length article here.
- Related News:
Wind farm online after rotor crash - 24.03.2011 10:16- U.S. nuke design could help Japan - 24.03.2011 10:15
- Refinery faces fines over safety issues - 24.03.2011 10:14
- PG+E created own pipeline safety rule - 24.03.2011 10:13
- Crew feared pipeline pressure - 24.03.2011 10:12
- Walkie Talkie shuts nuke plant safety system - 24.03.2011 10:11
- Cyber task force eyes power grid - 24.03.2011 10:10
- Antivirus tools no match for different attack vectors - 24.03.2011 10:09
- Malware report: Learn from past attacks - 24.03.2011 10:08
- Hackers get hacked - 24.03.2011 10:07
- RSA hit by cyber attack - 24.03.2011 10:06
- More SCADA vulnerabilities found - 24.03.2011 10:05
- Wonderware vulnerability patch posted - 24.03.2011 10:04
- Stuxnet report V: Security culture needs work - 24.03.2011 10:03
- Stuxnet report IV: Worm slithers in - 24.03.2011 10:02
Integrator Guide
| Search the online Automation Integrator Guide |
|
|
|
|
Visit the System Integrators page to view past winners of Control Engineering's System Integrator of the Year Award and learn how to enter the competition. You will also find more information on system integrators and Control System Integrators Association.
Case Study Database
Get more exposure for your case study by uploading it to the Control Engineering case study database, where end-users can identify relevant solutions and explore what the experts are doing to effectively implement a variety of technology and productivity related projects.
These case studies provide examples of how knowledgeable solution providers have used technology, processes and people to create effective and successful implementations in real-world situations. Case studies can be completed by filling out a simple online form where you can outline the project title, abstract, and full story in 1500 words or less; upload photos, videos and a logo.
Click here to visit the Case Study Database and upload your case study.