Critical Infrastructure Protection, Research Paper Example

SCADA Worm

The critical infrastructure of any country consists of composite, self-governing and cyber based resources, which is vital for the nation’s financial system and supervision. It is concerned with communications, transportation, water supply, energy, emergency services, and banking and finance. On the other side, vulnerabilities also emerged causing disruption to the critical infrastructure affecting in several ways. Although there are many vulnerabilities, cyber-attacks are the most prominent one. Cyber-attacks approach the target in a nontraditional way. Due to inequity in the military strengths, hackers attack this critical infrastructure affecting both the economy as well as the military sector of the country (SANS: Critical infrastructure protection). Economy of countries adopting a computerized critical infrastructure relies on cyber-supported infrastructures, enabling hackers to attack on the information systems and the infrastructure to damage the economy and military strength (SANS: Critical infrastructure protection).

The virus was developed to target a specific type of equipment installed in the industry. For instance, it can affect high frequency convertors contribute massively for Uranium enrichment. The density level of ‘Stuxnet’ is considered by the fact including a report demonstrating the initial discovery of this virus consisting of more than half the instances. Moreover, the report identified the emergence of this virus from Iran. As previously, some problems were identified in Iran’s uranium enrichment facility. These facts concluded by some analyst were to relate this virus from an example of ‘cyberwarfare’ that was purposely built for Iran’s controversial nuclear facility. However, Iran’s government refused for any possible issues due to ‘Stuxnet’ (Stuxnet (computer virus).2010). ‘Stuxnet’ is a software program or ‘Worm’ that infects the industrial control systems. The complexity of the virus indicates that it has been developed by the group of expert hackers funded by a national government. The software does not indicate that it has been developed by hacker or cyber criminals (The meaning of stuxnet2010). The security experts break the cryptographic code of the virus to peek in and identify the objective and working methodology. After analysing the behaviour of the virus, Initial thought of the experts were that the virus is tailored for stealing industrial secrets and factory formulas. The formulas can be used to build counterfeit products. This conclusion went wrong when Ralph Langner, who is an expert of the industrial system security revealed that the virus targets Siemens software systems. He also published that the virus may have been used to sabotage Iran’s nuclear reactor. Langner simulated  Siemens industrial network to test the activity of the virus (Stuxnet virus may be aimed at Iran nuclear reactor – ComputerworldUK.com ). This proved to be right as an article was published on ‘www.computerworld’ regarding “Officials in Iran have confirmed that the Stuxnet worm infected at least 30,000 Windows PCs in the country, multiple Iranian news services reported on Saturday.”Langner reveals that when the virus achieve its target at the last level, it modifies itself to a Siemens code named as “Organization Block 35”. The default functionality of this Siemens component monitors the vital factory operations within 100 milliseconds by modifying itself to a Siemens critical component (Stuxnet virus may be aimed at Iran nuclear reactor – ComputerworldUK.com). ‘Stuxnet’ aims for specific types of power supplies called as frequency convertors. These frequency convertors regulate the speeds of these motors by modifying the charge of electric power transmitted. ‘Stuxnet’ dominates the device that modifies the electric charge by which these motors vary there speeds. ‘Stuxnet’ would result in incorrect results or may lead to a hardware failure can increase the charge. The Symantec report illustrates it as “Stuxnet is a highly complex virus targeting Siemens’ SCADA [“supervisory control and data acquisition”] software. The threat exploits a previously unpatched vulnerability in Siemens SIMATIC WinCC/STEP 7 (CVE-2010-2772) and four vulnerabilities in Microsoft Windows, two of which have been patched at this time (CVE-2010-2568, CVE-2010-2729). It also utilizes a rootkit to conceal its presence, as well as 2 different stolen digital certificates” (Stuxnet (computer virus).2010).

IT Security Framework

The security framework is completed by three high level factors i.e. people, process, Technology.  By integrating these three elements together within an organization, the environment is safe guarded and aligned with business objectives. Likewise, policies and procedures are based on a well-established IT security framework. For minimizing risks from Stuxnet, an effective patch management policy can check for updates on security bulletins and patches. Moreover, this framework also establishes a path to implement information security policies and procedures. Moreover, government should enforce controls in the intelligence agencies to detect these advanced persistent threats before spreading in the critical infrastructure.

Mitigation Efforts

Siemens has already started mitigating the vulnerability that was present in the industrial control software via the Stuxnet triggered. The security patch developed by Siemens will mitigate the risk of uploading data in the programmable logical controllers of Siemens Simantic S7, as these controllers are installed globally in different industrial sectors for automated production process (Siemens blocks stuxnet attacks.2012). Moreover, research on a global scale is already in progress for enhancing the security of industrial controllers. Likewise, one of the researches incorporate risk assessment model of information systems of an organization, as these systems will be tested for their integrity, ciphering, encryption and intrusion prevention system. In addition, the risk assessment model will also calculate the probability of revenue loss after cyber-attacks. Furthermore, at a national level, United States of America is constructing a national cyber test bed for mitigating cyber-attacks, as the critical infrastructure was severely damaged by Stuxnet.

References

SANS: Critical infrastructure protection Retrieved 11/20/2010, 2010, from http://www.sans.org/security-training/critical-infrastructure-protection-12-mid

Stuxnet (computer virus). (2010). Background Information Summaries, , 7-7.

Stuxnet virus may be aimed at iran nuclear reactor – ComputerworldUK.com Retrieved 11/20/2010, 2010, from http://www.computerworlduk.com/news/security/3240458/stuxnet-virus-may-be-aimed-at-iran-nuclear-reactor/

Siemens blocks stuxnet attacks. (2012). TCE: The Chemical Engineer, (855), 8-8.

The meaning of stuxnet (2010). Economist Newspaper Limited.