Impact of Stuxnet Worm on Critical Infrastructure – Mitigating Strategies
In the 21st century world dominated by several forms of cyber communications, the perilous threat of an impending cataclysm in the form of a global cyber attack looms large. Such a sophisticated cyber attack on the critical infrastructure of a nation, which many call the “Digital Pearl Harbor”, would have major global ramifications. The recent episode of the Stuxnet worm attack, which inflicted significant damage on the uranium enrichment facility in , accentuates the realistic likelihood of such a threat. Besides , where more than a thousand centrifuges were affected, several other organizations with analogous equipment bore the brunt of the virus release. The list includes Chevron, a US-based oil and energy company, along with many organizations in countries such as Pakistan, Indonesia, Germany, India and China (King, 2012).
The Department of Homeland Security (DHS), , has defined eighteen critical infrastructure sectors as the networks, services or assets whose disruption would have grave negative implications for citizens and government. These critical infrastructure facilities rely on computer hardware and software for their efficient functioning. The introduction of the Stuxnet worm elicited apprehensions regarding the safety and security of many of these facilities, which are often controlled and monitored by supervisory control and data acquisition (SCADA) systems. Such SCADA systems have been reported to be the specific target of the worm (Langner, 2012). These systems control essential infrastructure in the industrial and energy sectors, such as oil and gas pipelines, nuclear facilities and water treatment plants. Thus, the Stuxnet worm threatens to impair a plethora of activities central to the basic foundation of modern society. The ensuing disruptions could impede the government’s ability to provide essential services, including national and international security, rendering the nation vulnerable to a surfeit of socio-political perils. Thus, the advent of the Stuxnet worm has raised several key issues for Congress in terms of risk assessment and devising mitigating strategies for protecting the threatened critical infrastructure facilities.
An experimental project known as the Aurora Project, conducted by DHS in 2009, elucidated key limitations in SCADA systems that render them vulnerable to cyber attack. The project simulated a computer-based attack on the control system of a power generator, causing its operation to cease. SCADA systems lack a definite SCADA-specific security policy. This is coupled with a lack of monitoring equipment, poor account management and maintenance, inadequate communication security for remote access and wireless connectivity, inappropriate auditing, improper configuration management, and a lack of physical security, personnel security and platform security.
In 2008, the United States Government Accountability Office issued a detailed report delineating that the firewall configurations for SCADA systems at the Tennessee Valley Authority (TVA), the largest public power company in the US, were poorly set up and monitored. Even the security passwords were not properly maintained, allowing unauthorized access to sensitive data and equipment that bypassed the firewall systems. In 2011, the Department of Homeland Security (DHS) identified 19 specific categories of vulnerabilities associated with SCADA systems. Some of them include physical and environmental policy, security awareness and training, information and document management, system and communication protection, and system and services acquisition. Furthermore, SCADA systems that are not appropriately isolated from external networks are exposed to additional vectors of attack.
Acknowledging the risks to critical infrastructure, the government created Presidential Policy Directive 21 (PPD-21), which “advances a national policy to strengthen and maintain secure, functioning, and resilient critical infrastructure” (DHS, 2013). Indeed, such strong policies and strategies designed by government and non-government entities, and strict coordination between them, are indispensable to ameliorate this impending menace. Some experts advocate obligatory encryption of computer data in SCADA-controlled utility transmission and distribution systems.
The Department of Energy is undertaking research and development efforts to alter the electric grid by using new information technology. Their effort is directed towards designing a so-called “Smart Grid” that will be more secure as well as accessible. Another alternative is to improve the protection of the physical aspects of the nation’s critical infrastructure, thus mitigating possible damage from a Stuxnet-type attack. The major general recommendations in this respect include: restricting the use of USB media and other portable storage devices and enforcing encryption of sensitive data; using a rigid and methodical procedure for moving code to and from production networks and control systems; introducing air-gapped control systems and restricting connection points to other networks using specialized firewalls and/or one-way data transmission devices; and using a dedicated source code management system for control system/PLC code, allowing for version control and rollback to a known good version when unexpected and undesirable behaviour occurs after a modification is made.
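The last recommendation above, a dedicated source code management system for PLC code with rollback to a known good version, can be illustrated with a small store that records every committed program together with its hash, compares what is read back from the controller against the approved baseline, and hands back the baseline bytes for re-download. This is an added example written for this page, not code from the essay or from any vendor's engineering tool; the program name `drive_controller`, the program text, the authors and the class `PlcCodeStore` are all constructed for illustration.

```python
"""Version-controlled store for PLC program files with integrity checks and
rollback to a known good version.  Added example, not from the essay or any
vendor tool; program name, program bytes and authors are constructed."""
import hashlib
from datetime import datetime, timezone


def digest(blob: bytes) -> str:
    """SHA-256 of the program bytes; this is the identity of a version."""
    return hashlib.sha256(blob).hexdigest()


class PlcCodeStore:
    """Every change to a controller program is committed here first, so the
    code running on the PLC can always be compared against an approved copy."""

    def __init__(self) -> None:
        self._versions: dict[str, list[dict]] = {}   # program -> commits, oldest first
        self._known_good: dict[str, str] = {}        # program -> hash of approved baseline

    def commit(self, program: str, blob: bytes, author: str, note: str) -> str:
        entry = {
            "hash": digest(blob),
            "blob": blob,
            "author": author,
            "timestamp": datetime.now(timezone.utc).isoformat(),
            "note": note,
        }
        self._versions.setdefault(program, []).append(entry)
        return entry["hash"]

    def mark_known_good(self, program: str, version_hash: str) -> None:
        """Approve a committed version as the rollback target once it has been tested."""
        if not any(v["hash"] == version_hash for v in self._versions.get(program, [])):
            raise KeyError(f"{version_hash[:12]} was never committed for {program}")
        self._known_good[program] = version_hash

    def verify(self, program: str, deployed_blob: bytes) -> str:
        """Classify the program read back from the controller.

        known_good : matches the approved baseline
        committed  : matches a commit that has not (yet) been approved
        unknown    : matches nothing in the store, i.e. the controller was changed
                     outside the change process; this is the case to investigate
        """
        h = digest(deployed_blob)
        if h == self._known_good.get(program):
            return "known_good"
        if any(v["hash"] == h for v in self._versions.get(program, [])):
            return "committed"
        return "unknown"

    def rollback_blob(self, program: str) -> bytes:
        """Bytes of the approved baseline, ready to be downloaded back to the PLC."""
        target = self._known_good[program]
        return next(v["blob"] for v in self._versions[program] if v["hash"] == target)

    def history(self, program: str) -> list[tuple[str, str, str]]:
        """(short hash, author, note) for each commit: the audit trail."""
        return [(v["hash"][:12], v["author"], v["note"])
                for v in self._versions.get(program, [])]


def demo() -> tuple[str, str, bool]:
    """Baseline, out-of-process change, detection and rollback, on constructed data."""
    store = PlcCodeStore()
    baseline = b"OB1: CALL FC1\nFC1: L MW10\nT QW0\n"      # constructed program text
    h = store.commit("drive_controller", baseline, "engineer_a", "commissioned logic")
    store.mark_known_good("drive_controller", h)

    # A change that bypassed the store: bytes read back from the PLC no longer match.
    tampered = baseline + b"FC2: L 9999\nT QW4\n"           # constructed
    before = store.verify("drive_controller", baseline)     # "known_good"
    after = store.verify("drive_controller", tampered)      # "unknown"
    restored = store.rollback_blob("drive_controller") == baseline
    return before, after, restored


if __name__ == "__main__":
    print(demo())
```

The value of the store lies in the `unknown` verdict: a program on the controller that matches no commit is exactly the modification made outside the change procedure that the recommendation warns about. For that verdict to be trustworthy, the bytes passed to `verify` should be read back from the controller through a path independent of the engineering workstation that performs downloads, since a compromised workstation could otherwise report whatever it likes.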
In this respect, it must be emphasised that a proper partnership and sharing of responsibility between private and government agencies is indispensable to surmount this grave threat. With approximately eighty-five percent of key infrastructure privately owned or operated, the private sector is an increasingly important factor in cyber security. It requires coordinated action on the part of government (federal, state, and local) and the private sector. New forms of public-private partnerships are essential to meet the challenges posed by new technologies and non-traditional threats.
A number of publications by the United States Computer Emergency Readiness Team (US-CERT), the International Society of Automation, the National Institute of Standards and Technology (NIST), the Department of Homeland Security (DHS), the Department of Energy, the North American Electric Reliability Corporation (NERC) and others have delineated effective measures for ameliorating these cyber-security risks in SCADA systems. Physical security measures can prevent internal threats and can alert security personnel to potential external threats. Updated and properly configured software and hardware, such as firewalls, can ensure that security measures are properly in place to prevent internet-connected actors from gaining access to organizations’ control systems.
In this respect, removal of connectivity to all unnecessary networks and proper training are recommended. Experts who comprehend the complexities and vulnerabilities of both modern IT infrastructures and modern industrial control systems must be hired. The IT systems and the industrial systems should be constantly monitored for vulnerabilities. The security controls should be updated when vulnerabilities occur (Reynolds, 2013). Frequent security audits should be conducted. Special attention must be paid to the areas that form the network perimeters between IT equipment and industrial equipment. Thus, major steps and policies for mitigating the vulnerabilities associated with SCADA systems include assessing existing systems, documenting policies and procedures, training personnel and contractors, segmenting the control system network, controlling access to the system, hardening the components of the system, and monitoring and maintaining system security.
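The perimeter between IT equipment and industrial equipment is where segmentation is enforced and where it should be monitored. The following added example (not from the essay or from any of the publications it cites) checks flow records from that perimeter against a zone model with an explicit list of permitted conduits and reports every flow into or out of the control zone that no conduit allows. The address ranges, the zone names `control`, `dmz` and `corp`, the permitted conduits and the sample flow lines are all constructed for illustration; a real deployment would take the zones and conduits from its own network design and feed the function from a firewall or flow-export log.

```python
"""Detect flows that cross the IT/control perimeter outside the permitted
conduits.  Added example; zones, conduits and sample flows are constructed."""
import ipaddress
from collections import namedtuple

Flow = namedtuple("Flow", "ts src dst dport proto")

# Constructed zone model: control network, a DMZ between it and business IT.
ZONES = {
    "control": ipaddress.ip_network("10.10.0.0/16"),  # PLCs, HMIs, engineering stations
    "dmz":     ipaddress.ip_network("10.30.0.0/24"),  # historian replica, patch staging
    "corp":    ipaddress.ip_network("10.20.0.0/16"),  # business IT
}

# The only conduits the segmentation design permits: (src zone, dst zone, dport, proto).
# Nothing is permitted from corp or dmz back into control; data leaves control one way.
ALLOWED = {
    ("control", "dmz", 5432, "tcp"),  # historian pushes process data to its DMZ replica
    ("corp", "dmz", 443, "tcp"),      # business users read the replica over HTTPS
}


def zone_of(ip: str) -> str:
    """Map an address to its zone; anything outside the model is 'external'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"


def parse_flow(line: str) -> Flow:
    """One whitespace-separated record: timestamp src dst dport proto."""
    ts, src, dst, dport, proto = line.split()
    return Flow(ts, src, dst, int(dport), proto.lower())


def check_flows(lines: list[str]) -> list[dict]:
    """Return a finding for every flow that touches the control zone without
    matching a permitted conduit.  Flows that stay inside one zone and flows
    between corp and the outside world are out of scope for this check."""
    findings = []
    for line in lines:
        f = parse_flow(line)
        src_zone, dst_zone = zone_of(f.src), zone_of(f.dst)
        if src_zone == dst_zone:
            continue                       # intra-zone traffic never crosses the perimeter
        if "control" not in (src_zone, dst_zone):
            continue                       # IT-side traffic is another detector's job
        if (src_zone, dst_zone, f.dport, f.proto) in ALLOWED:
            continue                       # an approved conduit
        findings.append({
            "ts": f.ts,
            "path": f"{src_zone}->{dst_zone}",
            "flow": f"{f.src}->{f.dst}:{f.dport}/{f.proto}",
            "reason": "inbound to control zone" if dst_zone == "control"
                      else "control zone reaching outside permitted conduits",
        })
    return findings


# Constructed sample records in the format parse_flow expects.
SAMPLE_FLOWS = [
    "2013-05-01T08:00:01Z 10.10.5.20 10.30.0.10 5432 tcp",  # historian -> DMZ: allowed
    "2013-05-01T08:00:02Z 10.20.7.33 10.30.0.10 443 tcp",   # corp user -> DMZ: allowed
    "2013-05-01T08:00:03Z 10.20.7.33 10.10.5.2 102 tcp",    # corp host straight to a PLC
    "2013-05-01T08:00:04Z 10.10.5.2 203.0.113.9 443 tcp",   # PLC talking to the internet
    "2013-05-01T08:00:05Z 10.30.0.10 10.10.5.20 5432 tcp",  # DMZ back into control
    "2013-05-01T08:00:06Z 10.10.5.2 10.10.5.20 102 tcp",    # PLC to HMI, intra-zone
]


if __name__ == "__main__":
    for finding in check_flows(SAMPLE_FLOWS):
        print(finding)
```

Run against the sample records the check reports three flows: the business host reaching a controller directly, the controller reaching an outside address, and the DMZ host opening a connection back into the control zone. The third case is worth noting for the one-way data transmission recommendation: a data diode makes that direction physically impossible, while a firewall only makes it a policy that this kind of check has to keep verifying.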
In the absence of specific information on the full impact of Stuxnet, one can only speculate about the magnitude of the risks. By appropriately identifying the probability of specific attacks, elucidating what vulnerabilities exist, and ameliorating each vulnerability with sound cyber security policy, SCADA systems can be made more secure. However, it is important to bear in mind that no policy, no matter how pertinent and well designed, can successfully combat the threat if we, as utility employees and stakeholders, do not exercise a suitable level of caution and due diligence in the day-to-day work that directly affects ICS and SCADA systems, devices and related or connected equipment. Thus, thoroughly designed, firmly enforced policies and procedures, coupled with coordinated government and private efforts, are needed to assuage these threats and prevent a “Digital Pearl Harbor”.
Department of Homeland Security (DHS). (2013). Water sector: Critical infrastructure sector overview. Retrieved from http://www.dhs.gov/water-sector
King, R. (2012, Nov. 9). Virus aimed at infected Chevron network. The Wall Street Journal. Retrieved from http://online.wsj.com/article/SB10001424127887324894104578107223667421796.html
Langner, R. (2012). Robust control system networks: How to achieve reliable control after Stuxnet. : Momentum Press.
Reynolds, G. W. (2012). Ethics in information technology (4th ed.). : Course