Light Dark
March 10, 2017 By Domenico Raguseo 2 min read
Energy & Utility
Mainframe

Security researchers discovered Stuxnet in 2010, and it has since become one of the most well-known malware campaigns in history. The attack was developed to damage programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems using four zero-day vulnerabilities in Microsoft Windows. What has the cybersecurity community learned from this incident?

SCADA Security Lessons From Stuxnet

Nowadays, not even the most secure plants are isolated from threats. In the case of Stuxnet, the gap between the isolated plant and open infrastructure was bridged by a USB key.

But what does Windows have to do with SCADA? SCADA systems are no longer isolated boxes running on proprietary protocols. Today, they can be accessed by a human/machine interface (HMI), either integrated with the rest of the IT environment or simply using classic IT. Therefore, defending SCADA is about protecting everything that surrounds the system.

Protecting OT to Secure IT

SCADA systems are an important but severely limited part of the IT arsenal required to provide a service. In the case of a nuclear plant, many devices belong to the operational technology (OT) environment, in addition to those that correspond to IT. In fact, cybercriminals often reach IT assets through holes in OT systems. This enables them to easily discover vulnerabilities without the technical know-how or pricey equipment required to make an exploit out of the box.

OT consists of classic IT, SCADA, and many sensors and other devices. For this reason, OT is often included in discussions about the Internet of Things (IoT). The difference is that OT is always managed by someone who is responsible for security. In the case of IoT, there is very little accountability because devices such as smart refrigerators and cameras are often designed and operated by parties that have no stake in security whatsoever.

Learning From History

It is critical to protect your OT to keep cybercriminals from poking through, but don’t forget to protect your IT as well. It’s equally important to secure all IoT devices throughout the design phase. If IT professionals can learn from history, they can prevent a catastrophic incident like Stuxnet from befalling their organizations.

Read the IBM X-Force research report: Security Attacks on Industrial Control Systems

 |  |  |  |  |  | 
Domenico Raguseo
Technical Sales and Solutions Leader in Europe, IBM Security

More from Energy & Utility
May 15, 2023

Today’s biggest threats against the energy grid

2 min read - Without the U.S. energy grid, life as we know it simply grinds to a halt. Businesses can’t serve customers. Homes don’t have power. Traffic lights no longer work. We depend on the grid operating reliably each and every day for business and personal tasks. That makes it even more crucial to defend our energy grid from modern threats. Physical threats to the energy grid Since day one, the grid has been vulnerable from a physical perspective. Storms knocking the grid…

April 13, 2023

2022 industry threat recap: Energy

3 min read - In 2022, 10.7% of observed cyberattacks targeted the energy industry, according to the X-Force Threat Intelligence Index 2023. This puts energy in fourth place overall — the same as the year prior and behind manufacturing, finance and insurance and professional and business services. The report notes that this reduction in total cyberattacks may be partly tied to pushback from highly public breaches in 2021, such as the Colonial Pipeline attack. Despite the overall drop in threats, however, the industry remains…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature