Hacking the Industrial Network

Innominate Security Technologies , a worldwide provider of Industrial Network Security, has published a 2009 White Paper on the weaknesses of industrial systems. “Hacking the Industrial Network,” compiled by an independent consulting firm, is a compelling exposé of the numerous vulnerabilities of industrial control networks currently in use throughout the world.

Industrial control networks, generally referred to as SCADA (Supervisory Control And Data Acquisition) systems have been used for decades in power plants and distribution grids, oil and gas refineries, air traffic and railroad management, pipeline pumping stations, pharmaceutical plants, chemical plants, industrial processes, automotive assembly lines, automated food and beverage lines, water treatment plants and major dams. “The current situation is ripe for an epidemic,” says Dirk Seewald, CEO of Innominate Security Technologies, “Protecting critical infrastructure is itself critical.”

These older legacy systems remain highly vulnerable to intelligent remote attacks, as well as non-intelligent viruses, as these systems are no longer isolated from the Internet. They are accessible via company websites, wireless access points, USB drives, modems, radio transmission, satellite, microwave, wiretap and remote maintenance access. The report identifies incidents involving major corporations, utilities, nuclear plants and the Pentagon. A table of twenty-nine major incidents is provided, some of which were kept secret for years. Detailed footnotes and clickable internet research links are provided to document these incidents and each statement of fact.

While many engineers believe that their production networks are isolated from outside access, nothing could be further from the truth. It is common practice to include access to Web-based services on most programmable logic controllers. According to a major manufacturer of PLCs, the majority of their products are ordered with Web services enabled. Yet their own study indicated that 87% of users left the Web servers in the PLCs active with factory default passwords, like “1111”.

This latest analysis discusses the problems in plain language. It specifies industry recommendations and provides links to other white papers produced by national research laboratories chartered with addressing the problems of protecting critical infrastructure and production networks. It identifies strategies and specifications, as well as new, proven solutions available from a variety of vendors. The security of industrial networks can no longer be ignored. With threats to networks increasing in complexity and scope, decision makers need to take action before it is too late.

A comprehensive copy of the 16-page White Paper, including detailed footnotes and clickable Internet research links is available at www.innominate.com/content/view/169/1/lang,en/

To view full content, please register to (new users of the portal only), respectively log-in, if you are already registered.


 

  • Virtual Conferences

    VIRTUAL CONFERENCES

    free virtual conferences

    ARM®-based solutions from Texas Instruments
    Texas Instruments is producing more ARM-based solutions than any other manufacturer. In this Virtual Conference TI provides overview and outlook about its ARM-based Microprocessors, Microcontrollers and SoCs product range.

    Industrial Computing & Communications
    The 2012 version of our Virtual Conference Industrial Computing & Communications provides an update about latest trends, solutions and products to create reliable communications within industrial environments. Major topics are Chips & Solutions for Industrial Ethernet and Boards, Modules & Systems for Industrial Applications.

    Embedded Wireless
    Wireless technologies are expected to be implemented in more and more applications - from personal and medical devices, to transportation and industrial and many more. This free Virtual Conference has its focus on products, technologies, and applications in the Embedded Wireless arena.

    Extensible Processing Platforms
    In this virtual event, you will learn about the Zynq™-7000 Extensible Processing Platform (EPP) -- a new class of product which combines an industry-standard ARM® dual-core Cortex™-A9 MPCore™ processing system with Xilinx 28nm unified programmable logic. Xilinx and ARM will detail the architecture of the Zynq-7000 EPP and show how hardware and software teams can work concurrently while leveraging the extensibility of this processing platform.

    Real-time Operating Systems
    This free Virtual Conference has its focus on technical trends with Real-Time Operating Systems. The conference programme provides webinars and videos about trends & technologies, products and application examples with focus on Windows Embedded, VxWorks and Embedded Linux.

    Safety & Security
    Nowadays Safety & Security are important topics for many embedded systems. While the failure of safety-critical systems is likely to result in danger for human lives, the need for security is driven by increased connectivity, portability, and pervasive design of modern embedded systems.

    Hardware & Software for Motor Control
    Motors consume 50% of all electricity in industry. More and more critical in motor design, sophisticated electronic controls provide greater efficiency, finer speed and torque regulation, and better motor protection. This virtual conference will have a special focus on technologies and products to improve the energy efficiency.

    Small Form Factor Boards
    This free Virtual Conference provides technical webinars and videos about technologies, products, platforms and applications with Small Form Factor Boards.

    Development Tools
    This free Virtual Conference has its focus on Development Tools for Microcontrollers & Microprocessors. It covers topics like Debugging and Static Analysis, Multicore and Virtualization, Real-time Operating Systems, Model-based Design and Integrated Development Environments.