Once Stuxnet tore its way through Iranian industrial sites back in 2010, it got the world rethinking how secure their systems were. It becomes hard to trust current technology once you have seen firsthand how easy it is to exploit. An article at Automation World discusses what is changing in cyber security in the wake of Stuxnet.
Board Up the (Microsoft) Windows
Security risk is starting to be treated like supply chain risks and other portfolio risks; it is worth the attention of the executive suite. More money is being allocated to security, and in general, there is a much higher level of awareness than there was previously. One example of better security at work is seen in Siemens, who uses a processor that provides “point-to-point authentication in the protocol.” The Department of Homeland Security (DHS) has also gotten in on the act, providing many earnest resources for businesses to better protect themselves.
Brian Ahern, CEO of Industrial Defender, says that once a great perimeter defense has been constructed, we still need to remember to insert additional defenses inside the perimeter. He calls for host and network intrusion detection. Indeed, the degree to which we do not know our own systems can be at once funny and frightening. DHS found that there are on average 11 separate connections from a control system to the business network. Eric Byres of Byre Security says in one case he discovered 17 unknown connections from a system for an organization. It ultimately boils down to this:
The reality that manufacturers have to adapt to is that you can’t stop infections from happening, Byres says. “You can’t keep every virus or hacker out of your plant floor any more than you can keep a virus out of the human body. You have to build a system that can deal with viruses like the human body does. It has to be able to spot something nasty when it comes in and deploy the programs to deal with it. Your strategy has to be about how to contain and deal with security problems, not block them out entirely … because that can’t really be done.”
You can read the whole article here: http://www.automationworld.com/security/stuxnet-effect-cyber-security