Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware
March 3, 2011 - Preventing the next Stuxnet-like attack on the control world might be impossible, but operators can mitigate the effects and contain worms and viruses through early detection. Phoenix Contact’s new white paper explains how the FL mGuard with CIFS Integrity Monitoring can provide early warning about malware similar to Stuxnet.
Researchers at the University of Ostwestfalen-Lippe in Lemgo, Germany, have confirmed that the mGuard would have recognized the manipulations of the Stuxnet worm on day zero of the infection. Despite the attention Stuxnet has received, most cyber security experts now say that the greater threat to control systems is not from Stuxnet itself, but from copycats who could use Stuxnet as a blueprint for future attacks.
The mGuard is a security device that provides stateful firewall, router and VPN capabilities in a single, rugged package. The mGuard’s CIFS Integrity Monitoring function allows the user to monitor configurable sets of files for unexpected modifications of executable code. When initialized, it computes a baseline of signatures for all monitored objects, then periodically checks them for any deviations.
The mGuard discovers suspect modifications promptly, and reports them via SNMP and e-mail. If Stuxnet or another piece of malware had modified a monitored Windows file, mGuard would have picked it up and notified the network management system or responsible administrator.
The white paper also explains other preventive steps the user can take to contain any malware that the mGuard would detect.
Click here to download “Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware,” by Torsten Rössell of Innominate Security Technologies.
About Phoenix Contact
Phoenix Contact develops and manufactures industrial electrical and electronic technology products that power, protect, connect and automate systems and equipment for a wide range of industries. Phoenix Contact GmbH & Co. KG, Blomberg, Germany, operates 47 international subsidiaries, including Phoenix Contact USA in Middletown, Pa.
MORE WHITE PAPERS NEWS
NEXCOM Simplifies OT-IT Convergence to Scout for Factory Intelligence
NEXCOM IoT Automation Solution offers manufacturers a feasible, holistic approach to control, communication, and cloud integration, fast-tracking...
OPC UA PubSub: Bringing the Power of the Cloud to Industrial Automation
By Randy Armstrong, Sparhawk Software
The widespread deployment of cloud based solutions has many factory operators wondering how they can take...
Semiconductor devices are an essential part of our daily life. Without integrated circuits, we would not have computers and smartphones. And...
Introduction to Inspection
Vision inspection plays an instrumental role in factory automation. In the past, manufacturers struggled between relying either on a team of...
NEXCOM Fully Depicts Cloud-Infused Industry 4.0
NEXCOM demonstrates how it harnesses the technology of edge to cloud connectivity, cloud-based machine learning and cognitive computing to tap into...
Webinar: Increase Production and Optimize Manufacturing Processes Using Simulation
The webinar will show how engineers, production managers, and decision makers can rapidly assess the options for adapting an existing line to make...
Webinar: Digitalizing Predictive Maintenance
Learn how new technological advances are resolving not only these issues but also allowing for new value to be realized through the digitalization...
Rockwell to showcase solutions for Water and Wastewater Facilities at WEFTEC 2016
Featuring its PlantPAx platform, Rockwell Automation will demonstrate process and automation solutions for efficient process control, monitoring...
Bedrock provides SCADA RTU platform for Clarksville Light and Water
The project is part of Clarksville, Arkansas' plan to save up to $2M over the next five years through improved control, monitoring, and security of...
Siluria names Erik Scher as Chief Operations Officer
As COO, Dr. Scher is responsible for the company's operating activities, including its OCM demonstration plant in Texas and multiple pilot plants...