Security researchers discovered Stuxnet in 2010, and it has since become one of the most well-known malware campaigns in history. The attack was developed to damage programmable logic controllers (PLCs) and supervisory control and data acquisition (SCADA) systems using four zero-day vulnerabilities in Microsoft Windows. What has the cybersecurity community learned from this incident?

SCADA Security Lessons From Stuxnet

Nowadays, not even the most secure plants are isolated from threats. In the case of Stuxnet, the gap between the isolated plant and open infrastructure was bridged by a USB key.

But what does Windows have to do with SCADA? SCADA systems are no longer isolated boxes running on proprietary protocols. Today, they can be accessed through a human-machine interface (HMI) that is either integrated with the rest of the IT environment or simply built on classic IT. Therefore, defending SCADA is about protecting everything that surrounds the system.

Protecting OT to Secure IT

SCADA systems are an important but severely limited part of the IT arsenal required to provide a service. In the case of a nuclear plant, many devices belong to the operational technology (OT) environment, in addition to those that correspond to IT. In fact, cybercriminals often reach IT assets through holes in OT systems. This enables them to easily discover vulnerabilities without the technical know-how or pricey equipment required to make an exploit out of the box.

OT consists of classic IT, SCADA, and many sensors and other devices. For this reason, OT is often included in discussions about the Internet of Things (IoT). The difference is that OT is always managed by someone who is responsible for security. In the case of IoT, there is very little accountability because devices such as smart refrigerators and cameras are often designed and operated by parties that have no stake in security whatsoever.

Learning From History

It is critical to protect your OT to keep cybercriminals from poking through, but don’t forget to protect your IT as well. It’s equally important to secure all IoT devices throughout the design phase. If IT professionals can learn from history, they can prevent a catastrophic incident like Stuxnet from befalling their organizations.

Read the IBM X-Force research report: Security Attacks on Industrial Control Systems
