Posted By Jeff Moad, June 11, 2012 at 12:15 PM, in Category: Factories of the Future
The notion that state-sponsored cyber attacks threaten industrial targets gained momentum recently with reports that a new, highly virulent worm has hit oil field and other petroleum industry systems in the Middle East. The so-called Flame worm reportedly is highly sophisticated and is designed to steal information, unlike the widely-reported Stuxnet and Duqu worms which were designed to disable industrial equipment. More a toolkit than a traditional worm, Flame is said to be highly malleable, with multiple ways to propagate itself.
Experts currently seem to be at a loss as to who launched Flame and why. But, they say, due to its sophistication, it's unlikely to have come from an individual or even organized crime. It is most likely, they say, a state-sponsored attack. There is speculation that the sites it has so far attacked include oil fields in Iran.
The apperance of the Flame worm suggests two worrisome trends for manufacturers whose control systems are increasingly exposed to such attacks. First, it seems clear that the incidence of apparently state-sponsored cyber attacks is not abating, and that worms from these sources that target industrial sites are become more sophisticated. Second, this may mean that existing security solutions--such as the bastion model in which a proxy server is deployed outside the firewall or in the DMZ to protect interal systems--may not be adequate.
Do you believe worms such as Flame, Stuxnet, and Duqu represent increasing threats to industrial systems? If so, is your company adjusting its security model?
Written by Jeff Moad
Jeff Moad is Research Director and Executive Editor with the Manufacturing Leadership Community. He also directs the Manufacturing Leadership Awards Program. Follow our LinkedIn Groups: Manufacturing Leadership Council and Manufacturing Leadership Summit