Are your system firewalls like Swiss Cheese?

08 October 2008

Control systems at industrial plant are at a higher risk than ever to computer malware beating virus protection systems and firewalls, which have been compared to Swiss Cheese - full of holes. Malware is now posing a greater threat to control systems than ever before. Computer viruses, worms and Trojan horses are increasing at such an alarming rate that the manufacturing, process and utility industries are under considerable threat from poor protection.

Much of the problem is a lack of understanding of the risks associated with increased connectivity between former islands of automation such as process plants, manufacturing sites, distribution centres and the business systems operated in companies’ head offices. Many firms simply don’t run any security software across their production networks and these will most likely be running old versions of operating systems that remain unpatched.

Many automation computers will still be running Windows NT, which was the first Microsoft system to be able to claim real time operation. With the introduction of Windows XP and subsequently Vista, the real time NT system is no longer supported by Microsoft so no security update are available to keep up with the latest malware threats.

Not many years ago, the safety monitoring system of the Davis-Besse nuclear power plant in America was infected with the Slammer worm. This infection bypassed the plant’s firewall via a contractor’s laptop. More recently a CIA official revealed at the SANS security trade conference in New Orleans that hackers had penetrated power systems in several regions outside the US and in at least one case, caused a power outage affecting multiple cities.

Figures show that more malware was created last year than in the previous two decades. The main methods of entry for malware include internet browsing and downloading, email, USB keys and external connections. So the most important thing is for the IT experts to be responsible for the protection of the whole organisation, including manufacturing and plant networks and not to confine themselves to the office alone.

In the office environment, it’s relatively easy to ensure that PCs are covered by up to date anti-virus software, but on the plant floor anti-virus security is often ignored and there is limited control over who connects what to the control and process systems.

Malware is such a huge and growing menace that organisations should see it as a company-wide priority at board level, and not be lulled into a false sense of security because everyone’s PC in the office has up to date AV cover.

Make a comment by e-mail. Please click on the link below.