Thursday, January 26, 2012

Project Basecamp 2012 a Hit... Are We Really Ripe for More Attacks Like Stuxnet?
-Researcher Ralph Langner says "Yes" at NATO Keynote.

Project Basecamp A Hit- But Will It work?

Researchers participating in Project Basecamp clearly demonstrated just how extremely fragile and vulnerable many Industrial Control Systems (ICSs) remain to targeted cyber attacks during DigitalBond's S4 conference this month. Amazingly, a number of persistent vulnerabilities include poorly devised "features" in addition to a bucket load of underlying software flaws. Tools released include point and click easy Metasploit modules. All of this effort to extensively demonstrate persistent ICS security problems is ultimately intended to wake up C-level executives to help amp up pressure on the vendors for secure replacements ("a Firesheep moment"). Regardless, don't expect much soon as many experts agree we've seen ten years pass with few ICS vendor security improvements. DigitalBond's site continues dishing up excellent interviews (podcasts), videos, and blog entries worth paying attention to for those interested in ICS security.

What about Stuxnet - More to come or really just a one time event?

Here’s one of the most insightful, solid presentations available explaining how Ralph Langer & team pulled apart Stuxnet, what they found, and broader implications. While the Stuxnet windows “dropper” was top tier malware in many ways, including multiple zero-days, the real rocket science was approx. 15,000 lines of crafted industrial control system (ICS) malware   “digital warhead” payload developed by seasoned engineers (Langner’s opinion- not just “hackers”) targeting specific nuclear enrichment ICS assets.

Mr. Langner makes a solid case that this was a highly successful attack (like a missile) which invites an escalation for more to come. The code and modular approach itself is reusable in many ways. He’s also written a book "Robust Control System Networks: How to Achieve Reliable Control After Stuxnet" that ICS engineers, others can benefit from focusing on designing ICS systems with robust security baked in ..more.
Today (1/26) Safari Books Online has followed through on their promise to make Langner's book available to members at my request in 2011- oh yeah!

No comments: