Email
Password
Remember meForgot password?
    Log in with Twitter

article imageEthernet switches used in nuclear plants vulnerable to hacking

By Caroline Leopold     Aug 2, 2015 in Technology
The world’s most important factories and facilities, including power plants, are vulnerable to devastating cyberattacks. Fixes have been found, but it can take up to three years to patch a problem.
Remote access of large industrial facilities — including nuclear plants — is possible through ethernet switches, cybersecurity researchers say.
Some major industries are acting on this research, but whether these problems will be fixed before a malicious attack causes major damage is uncertain.
The security vulnerabilities are in a technology called Industrial Ethernet Switches (IES) — the devices create internal networks, which are vital to modern industry. Because these switches aren't normally found in homes, the public is not aware of them or the risk they can pose.
IES are found everywhere in industrial environments such as factories, refineries, ports, hydroelectric dams and in nuclear power plants. According to researchers, attackers can gain full control of an industrial plan and possibly cause fatal damage.
A security firm IOActive and risk researchers have been on a search to find and solve IES vulnerabilities, working with at least four industrial switch vendors — Siemens, General Electric, Opengear and Garrettcom. The goal is to find and work out solutions, before attackers find their way in, first.
“Anything that the facility is capable of in its natural operating system, you're [an attacker] capable of doing—and doing damage with if you control the network,” Robert Lee, a security researcher and active-duty U.S. Air Force Cyber Warfare Operations Officer told the Daily Dot.
“With a power station, you can have major repercussions. With a hydroelectric dam, if you don't monitor processes in a normal situation, it'll spin out of control. Everything you have can be manipulated.”
Industrial attacks are greatly feared for their capacity to do widespread damage, such as by killing power grids and causing train derailments. Past malicious attacks such as the discovery of Stuxnet, a 500-kilobyte computer worm that disrupted more than a dozen industrial sites in Iran, including a uranium-enrichment plant, according to IEEE.
In 2014 a cyber attack caused major damage in a German facility when factory owners were unable to shut down a blast furnace. The attackers staged an intrusion through the corporate computers and maneuvered their way to the furnace, an official report said.
As is common with cybersecurity work, researchers find a hole and then notify the parties that need to fix the problem. Then, patches are rolled out and adopted to make whatever vulnerable component secure.
Surprisingly, it can take up to three years to fully fix any given problem, according to the Daily Dot.
The process is slow and costly. Switch vendors like General Electric took eight months and Siemens three months to offer patches that don't always fix the entire problem. Industrial facilities are slow to adopt the patches and it may take a year or longer.
The cost for a factory or large facility to adopt the patch requires talking to several levels of management and taking the entire network offline, which can cost thousands or even millions each hour, according to researchers. For that reason, industrial facilities usually don't accept patches except for once a year or longer.
Lee advocates for greater awareness about the problem, but says that the public need not be overcome with fear, despite the media accounts. While the consequences of an attack are severe, they are not without limits. Certain scenarios such as a cascading industrial failures, such as in the power grid, are not possible.
More about Industrial Ethernet Switches, stuxnet worm, industrial cyberattack, hack iran power plant, IOActive