This page contains a Flash digital edition of a book.
Safety in the Plant


A new academic study reveals that internal attacks are rising. Louise Smyth reports on how the process sector can take measures to protect itself.


Eine neue akademische Studie ergab, dass Angriffe von innen zunehmen. Louise Smyth berichtet darüber, welche Maßnahmen die verfahrenstechnische Industrie ergreifen kann, um sich zu schützen.


Une nouvelle étude universitaire révèle que les attaques internes augmentent. Louise Smyth explique comment le secteur du traitement peut prendre des mesures pour se protéger.


The danger from within A


s part of their latest academic research, Professor David Upton of Saïd Business School, and Professor


Sadie Creese of Oxford’s Global Cyber Security Capacity Centre have discovered that internal cyber attacks against companies are an increasing threat “that costs tens of billions of dollars a year worldwide, can destroy companies, and sink the careers of many senior executives.” Over the past two years Upton


and Creese have led an international research project whose goal is to provide a major step change on insider threat prevention and detection so companies can be better protected. They found that although many organisations are intensifying their defences against external attack, these safeguards are often ineffective against attacks involving insiders. The study states: “Such attacks from insiders, be they from employees, suppliers or other companies legitimately connected to a company’s computer system, pose a more pernicious threat than external attacks.” Their study showed that 68% of companies are aware of the insider threat, however only 48% of companies


Hack attacks P


rofessor David Upton reveals that there have been a number of high-profile cyber attacks in the process engineering sector, including:


n Trans Siberian Pipeline 1982. This is an early example of an industrial hack. The CIA successfully planted a logic bomb in the SCADA system that controlled the USSR’s gas pipeline. n Aramco 2012. Spear-phishing attack focused on a network of Aramco. Attack infected 30,000 computers and took two weeks to recover, however failed to shut down the flow of oil. n Water Tower Decoy 2012. Chinese hackers APT1 took control of a US Water tower control system, using a malicious virus concealed in an MS Word doc. Nothing was damaged as the water tower was planted as a decoy to attract these types of industrial attacks. n Flame 2012. A very sophisticated virus that ran undetected for years in government organisations, educational institutions and private devices. It was able to record audio, screenshots, keyboard


activity and network traffic. It is believed it was designed to steal closely guarded PDF files and autoCAD drawings for IP theft from a “huge majority of targets in Iran”. n U.S Steel 2010 (also Alcoa, Westinghouse, SolarWorld AG, Allegheny Technologies). US Steel was participating in trade cases with Chinese steel companies. Spear-phishing attacks were launched on US Steel employees, resulting in the installation of malware and subsequent vulnerability of US Steel company networks. n Norwegian Oil Aug 2014. More than 50 oil and energy companies have been hacked, with a further 250 companies being advised to check their networks for evidence of a breach. Statoil was the main target, however methods and motives are still unknown. Three years ago 10 oil and gas firms were targeted through spear-phishing emails allowing perpetrators to steal industrial drawings and login credentials.n


www.engineerlive.com 39 are taking steps to address the risk.


Inside information Upton comments: “The insider threat is particularly prevalent in the process industry as the scope for widespread devastation is vast, should an employee with malicious intent take action. Consider the implications when a disgruntled employee, or indeed an employee that has been ‘planted’ into a particular organisation to cause chaos, takes action to introduce a virus into an oil or gas processing plant, which in turn disrupts – or worse destroys – the national supply.” Research shows that SCADA and Industrial Control Systems (ICS) are the most commonly attacked elements within process automation networks.


Protect and serve So what can process businesses do to protect themselves from such attacks? “Protecting businesses from insider (internal) attacks is vital, however it can be a difficult subject to approach as no-one would like to think their employees might have malicious motives,” says Upton. “First of all, businesses need to prepare for the worst case scenario;


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68