Cyberattack on German steel factory causes ‘massive damage’

From IT World:

A German steel factory suffered massive damage after hackers managed to access production networks, allowing them to tamper with the controls of a blast furnace, the government said in its annual IT security report.

The attackers got in through spear phishing, then were able to access the ICS directly.

I’m expecting 2015 to be an interesting year for ICS security.


South Korean Nuclear Plant Hack

From Reuters:

The Korea Hydro and Nuclear Power Co Ltd (KHNP) and the government said only “non-critical” data was stolen by the hackers, and that there was no risk to nuclear installations, including the country’s 23 atomic reactors.

South Korea’s energy ministry said it was confident that its nuclear plants could block any infiltration by cyber attackers that could compromise the safety of the reactors.

“It’s our judgment that the control system itself is designed in such a way and there is no risk whatsoever,” Chung Yang-ho, deputy energy minister, told Reuters by phone.

“It is 100 percent impossible that a hacker can stop nuclear power plants by attacking them because the control monitoring system is totally independent and closed,” the official said.

100 percent impossible? That sounds like a challenge.

I’m willing to wager that “non-critical” data could be a good starting point for crafting a more sophisticated attack. But of course, nothing has ever jumped an air gap…


Very realistic

I’ve been reading through Kim Zetter’s excellent new book, Countdown to Zero Day: Stuxnet and the Launch of the World’s First Digital Weapon and saw this reference to Sandia (and indirectly, to my colleague John Mulder):

“In a 2009 report on 60 Minutes, researchers at Sandia National Lab showed how they could cause components at an oil refinery to overheat by simply changing the settings of a heating element and disabling the recirculation pumps that helped regulate the temperature.”

I found the article at CBSNews.com, but haven’t been able to track down the actual video.

“The first thing we had to do was actually gain access to the network and that’s, we just got that as launch attack. And then we turn up the BTUs, and then we’re turning off the re-circulator pump. There we go,” Mulder said.

Mulder said this type of simulation is “very” realistic.