Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware
March 3, 2011 - Preventing the next Stuxnet-like attack on the control world might be impossible, but operators can mitigate the effects and contain worms and viruses through early detection. Phoenix Contact’s new white paper explains how the FL mGuard with CIFS Integrity Monitoring can provide early warning about malware similar to Stuxnet.
Researchers at the University of Ostwestfalen-Lippe in Lemgo, Germany, have confirmed that the mGuard would have recognized the manipulations of the Stuxnet worm on day zero of the infection. Despite the attention Stuxnet has received, most cyber security experts now say that the greater threat to control systems is not from Stuxnet itself, but from copycats who could use Stuxnet as a blueprint for future attacks.
The mGuard is a security device that provides stateful firewall, router and VPN capabilities in a single, rugged package. The mGuard’s CIFS Integrity Monitoring function allows the user to monitor configurable sets of files for unexpected modifications of executable code. When initialized, it computes a baseline of signatures for all monitored objects, then periodically checks them for any deviations.
The mGuard discovers suspect modifications promptly, and reports them via SNMP and e-mail. If Stuxnet or another piece of malware had modified a monitored Windows file, mGuard would have picked it up and notified the network management system or responsible administrator.
The white paper also explains other preventive steps the user can take to contain any malware that the mGuard would detect.
Click here to download “Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware,” by Torsten Rössell of Innominate Security Technologies.
About Phoenix Contact
Phoenix Contact develops and manufactures industrial electrical and electronic technology products that power, protect, connect and automate systems and equipment for a wide range of industries. Phoenix Contact GmbH & Co. KG, Blomberg, Germany, operates 47 international subsidiaries, including Phoenix Contact USA in Middletown, Pa.
MORE WHITE PAPERS NEWS
Discussing the Power of Configurable Process Control
By Anthony Borges, Pinpoint Information Systems
The power of an MES System or configurable process control system is now well beyond that of what...
FCI aims to enhance gas and air ratio control with ST100 flow meter
Installing a direct mass device in the process control loop offers a number of advantages. It allows the operator to achieve a direct ratio of...
An Introduction of Tibbo's AggreGate SCADA/HMI
By Victor Polyakov, Tibbo Systems
This whitepaper is an introduction AggreGate IoT Platform-based products. In 2010, two years after AggreGate...
Industry 4.0-based Network Manager Ensures Solid Industrial Connectivity
With the hot topics of Industry 4.0, Industrial Internet of Things (IIoT), intelligent automation and so forth emerging into the market, factory...
Infinity QS releases whitepaper on automated food safety guidelines
The increasing availability of the tools that facilitate higher levels of manufacturing productivity and quality creates an opportunity for...
Empowering the Workforce to Control the Future of Automation
By Peter Martin, Schneider Electric Process Automation
Connected products are expected to approach 30 billion by 2020, with utilities,...
Moxa announces Turbo Pack 3 firmware upgrade for industrial Ethernet switches
This firmware is compliant with the IEC 62443-4-2 level 2 cybersecurity standard, and also supports other security management features, such as...
T&M Associates announces Victor Acosta as CAD Manager
Acosta brings nearly 20 years of experience in implementing design standards and quality procedures and leveraging burgeoning technologies to...
Okuma to highlight automated machining advancements at NTMA Plant Managers Roundtable
The NTMA Plant Managers Roundtable at Modern Industries in Phoenix, Arizona will discuss the various types of automation devices that make...
Bedrock Automation and Jacobs partner to pursue automation system security
Under the agreement, the companies will pursue selected projects with automation system requirements for potential implementation of the Bedrock...