nach oben

Erschienen in:

2013 | OriginalPaper | Buchkapitel

Cyber Security for Chemical Plants

verfasst von : Maurizio Martellini, Stephanie Meulenbelt, Krzysztof Paturej

Erschienen in: Cyber Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

“Cyber Security for Chemical Plants” by Maurizio Martellini, Stephanie Meulenbelt and Krzysztof Paturej provides a technical analysis of possible cyber attacks towards critical infrastructures in chemical industry and chemical safety. The paper analyses attacks and possible countermeasures such as those aimed at sabotage, those exploit the SCADA systems like Stuxnet, and those aimed at espionage, such as Flame. The paper also pictures a possible involvement of the Organization for the Prohibition of Chemical Weapons (OPCW) in cyber security for chemical plants.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Cyber Security for Nuclear Power Plants

Nächstes Kapitel From Fortress to Resilience

Industrial control systems are computerized systems that open and close valves, switches, and factory processes vital to the chemical, industrial, and power sectors.

In 2011, the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) received 198 reports of incidents, compared to just nine incidents reports in 2009.

The virus was infecting Microsoft’s Windows operating systems using several flaws that had not been detected before (called a “zero days”). Such flaws can be sold on the black market for as much as $100,000 each.

SCADA systems are used to monitor and control processes in industrial facilities and public utilities, such as chemical plants, electric power plants, refineries, oil and gas pipelines, wastewater treatment, and other installations. Large and complex SCADA installations can cover a large geographical area, especially if they include a grid.

The recovered samples have been created after the last-discovered version of Stuxnet.

For Stuxnet to be effective, for instance, its creators needed to know exactly the computer configurations that were used in the facility in Natanz. Traces of an early version of Stuxnet, exploring, scanning, and recording what it found, have been found in 2009. It is believed that the Duqu virus serves a similar purpose.

The Iranian oil sector was at the time already struggling to combat another virus called “Wiper”. The Wiper virus has erased data on hard drives inside the Iranian Ministry of Oil in April 2012. Wiper could be one of Flame’s command modules.

A total of 29 companies in the chemical sector were confirmed to be targeted in this attack wave and another 19 in various other sectors, primarily the defence sector, were seen to be affected as well. These 48 companies are the minimum number of companies targeted and likely other companies were also targeted. Companies affected include: Multiple Fortune 100 companies involved in research and development of chemical compounds and advanced materials; Companies that develop advanced materials primarily for military vehicles; and companies involved in developing manufacturing infrastructure for the chemical and advanced materials industry.

This application is freely available from poisonivy-rat.com. It comes fully loaded with a number of plug-ins to give an attacker complete control of the compromised computer.

The UK Intelligence Agency GCHQ, for instance, estimates that 80 % of the cyber-attacks can be dealt with by better computer ‘hygiene’.

These are all initiatives by the US’s Department of Homeland Security. To obtain a copy of the documents, or for more information, contact: http://www.dhs.gov.

For the Roadmap, check.http://www.us-cert.gov/control_systems/pdf/ChemSec_Roadmap.pdf. For more information, see http://www.chemicalcybersecurity.org/

For more information, check: http://responsiblecare.americanchemistry.com/Responsible-Care-Program-Elements/Responsible-Care-Security-Code/default.aspx.

Available at: http://www.cefic.org/Documents/ResponsibleCare/Feuillet%20RC_SecurityCode_V4.pdf.

For instance, in late 2006, US Congress passed a law that gave the Department of Homeland Security (DHS) the authority to regulate the US’s highest risk chemical facilities and directs DHS to develop chemical facility security regulation. On 9 April 2007, the DHS published the Chemical Facility Anti-Terrorism Standards (CFATS) in response (available at http://www.dhs.gov/files/programs/gc_1169501486179.shtm).

Remarkable in this respect is the fact that the US Bill that sought to protect computer networks running the power grid, gas pipelines and water supply and transportation systems from hackers by creating a set of security standards for companies to meet, known as the Cybersecurity Act of 2012, was voted down by the Senate on Thursday 2 August 2012, despite warnings that hackers could shut down critical infrastructure with the click of a mouse. Republicans opposed the Bill, siding with business lobbyists who claimed that any security standards, even voluntary ones, would unfairly saddle business with cositly regulations. This means that key US national security legislation will likely not be addressed until 2013.

For more information, contact: Mr. K. Paturej, Director OSP, email: krzysztof.paturej@msz.gov.pl .

In the nuclear area some efforts in this respect have been made as well; for instance, IAEA Evaluation Worksheets or NUREG/CR-6847, “Cyber Security Self-Assessment Method for U.S. Nuclear Power Plants”.

For instance, the US National Cyber Security Division has established a mechanism to report vulnerabilities and incidents. Available at: https://forms.us-cert.gov/report/.

M.M. Ahlers, Inside a government computer attack exercise. CNN. (2011). http://edition.cnn.com/2011/10/17/tech/innovation/cyberattack-exercise-idaho/index.html. Accessed 8 Apr 2013

A. Akbar Dareini, D. Murphy, Iran: ‘Flame’ virus fight began with oil attack. The Washington Times. (2012). http://www.washingtontimes.com/nesws/2012/may/30/computer-virus-briefly-hits-irans-oil-industry/?page=1. Accessed 8 Apr 2013

P. Beaumont, N. Hopkins, US was ‘key player in cyber-attacks on Iran’s nuclear programme. The Guardian. (2012). http://www.guardian.co.uk/world/2012/jun/01/obama-sped-up-cyberattack-iran. Accessed 8 Apr 2013

W.J. Broad, J. Markoff, D.E. Sanger, Israeli test on worm called crucial in Iran nuclear delay. The New York Times. (2011). http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?pagewanted=all. Accessed 8 Apr 2013

G. Burton, Boom in cyber attacks on critical infrastructure reported in the US. Computing. (2012). http://www.computing.co.uk/ctg/news/2188813/boom-cyber-attacks-critical-infrastructure-reported. Accessed 8 Apr 2013

CBS News, Stuxnet: Computer worm opens new era of warfare. (2012). http://www.cbsnews.com/video/watch/?id=7400904n&tag=contentBody;storyMediaBox. Accessed 8 Apr 2013

E. Chien, G. O’Gorman, The Nitro Attacks; Stealing secrets from the chemical industry. Symantec. (2011). http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_nitro_attacks.pdf. Accessed 8 Apr 2013

M. Clayton, Alert: major cyber attack aimed at gas pipeline industry. The Christian Science Monitor. (2012). http://www.csmonitor.com/USA/2012/0505/Alert-Major-cyber-attack-aimed-at-natural-gas-pipeline-companies. Accessed 8 Apr 2013

B. Dehghanpisheh, Attacked by “Flame”: will Iran retaliate for the latest cyberassault?. Time. (2012). http://www.time.com/time/world/article/0,8599,2115970,00.html#ixzz1zfR6JQ2A. Accessed 8 Apr 2013

Department of Homeland Security Office of Cybersecurity and Communication, National Cybersecurity Division, ‘Cyber Storm III’, Final Report. (2011). http://www.dhs.gov/xlibrary/assets/nppd-cyber-storm-iii-final-report.pdf. Accessed 8 Apr 2012

European Union (2012) Council Decision 2012/166/CFSP of 23 March 2012

M.J. Gross, A declaration of cyber-war. Vanity Fair. (2011). http://www.vanityfair.com/culture/features/2011/04/stuxnet-201104. Accessed 8 Apr 2013

N. Hopkins, Stuxnet attack forced Britain to rethink the cyber war. The Guardian. (2011). http://www.guardian.co.uk/politics/2011/may/30/stuxnet-attack-cyber-war-iran. Accessed 8 Apr 2013

J. Hahn, D.P. Gillen, T. Anderson, Process control systems in the chemical industry: safety v. security, 20th Annual CCPS International Conference. INL. (2005). http://www.inl.gov/technicalpublications/Documents/3169874.pdf. Accessed 8 Apr 2013

J. Halliday, Stuxnet worm is the ‘work of a national government agency’. The Guardian. (2010). http://www.guardian.co.uk/technology/2010/sep/24/stuxnet-worm-national-agency. Accessed 8 Apr 2013

N. Hodge, E. Entous, Oil firms hit by hackers from China, report says. The Wall Street Journal. (2011). http://online.wsj.com/article/SB10001424052748703716904576134661111518864.html. Accessed 8 Apr 2013

G. Keizer, Hackers used “Poison Ivy” malware to steal chemical, defense secrets. Techworld. (2011). http://news.techworld.com/security/3314804/hackers-used-poison-ivy-malware-to-steal-chemical-defense-secrets/. Accessed 8 Apr 2013

P.K. Kerr, J. Rollins, C.A. Theohary, The Stuxnet computer worm: Harbinger of an emerging warfare capability. CRS Report for Congress (7-5700/R41524) Congressional Research Service. (2010). http://www.fas.org/sgp/crs/natsec/R41524.pdf. Accessed 8 Apr 2013

D. Lee, ‘Flame: massive cyber-attack discovered, researchers say’. BBC News. (2012). http://www.bbc.com/news/technology-18238326. Accessed 8 Apr 2013

J. Masters, Confronting the cyber threat. Council on foreign relations. (2011). http://www.cfr.org/technology-and-foreign-policy/confronting-cyber-threat/p15577. Accessed 8 Apr 2013

McAfee, Global energy cyberattacks: “Night Dragon”. McAfee Foundstone Professional Services and McAfee Labs. (2011). http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf. Accessed 8 Apr 2013

Newsroom, Chemicals and defence firms targeted by hacking attack. BBC News. (2011). http://www.bbc.co.uk/news/technology-15529930. Accessed 8 Apr 2013

OPCW, Opening statement by the director-general to the executive council at its sixty-ninth session, 10 July 2012, EC-69/INF.3 (2012)

S. Ottewel, Industry gets cyber-security reality check. Chemical Processing. (2011). http://www.chemicalprocessing.com/articles/2011/cyber-security-reality-check.html. Accessed 8 Apr 2013

N. Perlroth, Researchers find clues in malware. The New York Times. (2012). http://www.nytimes.com/2012/05/31/technology/researchers-link-flame-virus-to-stuxnet-and-duqu.html. Accessed 8 Apr 2013

E. Rekers, VS en Israël testten gezamenlijk Stuxnet-worm. Elsevier. (2011). http://www.elsevier.nl/web/Nieuws/Internet-Gadgets/286767/VS-en-Israel-testten-gezamenlijk-Stuxnetworm.htm. Accessed 8 Apr 2013

T. Rid, P. McBurney, Cyber-weapons. RUSI J. 157(1), 6–13

D.E. Sanger, Obama order sped up wave of cyberattacks against Iran. The New York Times. (2012). http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=all. Accessed 8 Apr 2013

G. Smith, Cyber security law fails to pass senate before month-long break. The Huffington Post. (2012). http://www.huffingtonpost.com/2012/08/02/cyber-security-law_n_1733751.html. Accessed 8 Apr 2013

Staged cyber attack reveals vulnerability in power grid. Available through Youtube. http://www.youtube.com/watch?v=fJyWngDco3g&NR=1&feature=endscreen. Accessed 8 Apr 2013

Symantec, W32.Duqu; The precursor to the next Stuxnet version 1.4. Symantec security response. (2011). http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf. Accessed 8 Apr 2013

Symantec, What do you need to know about the ‘Duqu’ threat’. Symantec Security Response. (2011). http://www.symantec.com/resources/articles/article.jsp?aid=20110311_duqu_threat. Accessed 8 Apr 2013

The UK Intelligence Agency GCHQ, for instance, estimates that 80% of the cyber-attacks can be dealt with by better computer ‘hygiene’ (Hopkins op.cit)

US Department of Homeland Security, Roadmap to Secure Control Systems in the Chemical Sector. US-CERT. (2009). http://www.us-cert.gov/control_systems/pdf/ChemSec_Roadmap.pdf. Accessed 8 Apr 2013

K. Vick, Finder of flame virus tells Israel to stop before it’s too late. Time. (2012). http://world.time.com/2012/06/06/finder-of-flame-virus-warns-israel-to-stop-before-its-too-late/

Titel: Cyber Security for Chemical Plants
verfasst von: Maurizio Martellini
Stephanie Meulenbelt
Krzysztof Paturej
Verlag: Springer International Publishing
Buch: Cyber Security
Print ISBN: 978-3-319-02278-9

Electronic ISBN: 978-3-319-02279-6

Copyright-Jahr: 2013
DOI: https://doi.org/10.1007/978-3-319-02279-6_4

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"