Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware
March 3, 2011 - Preventing the next Stuxnet-like attack on the control world might be impossible, but operators can mitigate the effects and contain worms and viruses through early detection. Phoenix Contact’s new white paper explains how the FL mGuard with CIFS Integrity Monitoring can provide early warning about malware similar to Stuxnet.
Researchers at the University of Ostwestfalen-Lippe in Lemgo, Germany, have confirmed that the mGuard would have recognized the manipulations of the Stuxnet worm on day zero of the infection. Despite the attention Stuxnet has received, most cyber security experts now say that the greater threat to control systems is not from Stuxnet itself, but from copycats who could use Stuxnet as a blueprint for future attacks.
The mGuard is a security device that provides stateful firewall, router and VPN capabilities in a single, rugged package. The mGuard’s CIFS Integrity Monitoring function allows the user to monitor configurable sets of files for unexpected modifications of executable code. When initialized, it computes a baseline of signatures for all monitored objects, then periodically checks them for any deviations.
The mGuard discovers suspect modifications promptly, and reports them via SNMP and e-mail. If Stuxnet or another piece of malware had modified a monitored Windows file, mGuard would have picked it up and notified the network management system or responsible administrator.
The white paper also explains other preventive steps the user can take to contain any malware that the mGuard would detect.
Click here to download “Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware,” by Torsten Rössell of Innominate Security Technologies.
About Phoenix Contact
Phoenix Contact develops and manufactures industrial electrical and electronic technology products that power, protect, connect and automate systems and equipment for a wide range of industries. Phoenix Contact GmbH & Co. KG, Blomberg, Germany, operates 47 international subsidiaries, including Phoenix Contact USA in Middletown, Pa.
MORE WHITE PAPERS NEWS
An Introduction of Tibbo's AggreGate SCADA/HMI
By Victor Polyakov, Tibbo Systems
This whitepaper is an introduction AggreGate IoT Platform-based products. In 2010, two years after AggreGate...
Industry 4.0-based Network Manager Ensures Solid Industrial Connectivity
With the hot topics of Industry 4.0, Industrial Internet of Things (IIoT), intelligent automation and so forth emerging into the market, factory...
Infinity QS releases whitepaper on automated food safety guidelines
The increasing availability of the tools that facilitate higher levels of manufacturing productivity and quality creates an opportunity for...
Your Guide to Outsourcing Electrical Control Panels
Does building electrical control panels drain time and resources from your core business? The decision to outsource can be challenging for...
NEXCOM Simplifies OT-IT Convergence to Scout for Factory Intelligence
NEXCOM IoT Automation Solution offers manufacturers a feasible, holistic approach to control, communication, and cloud integration, fast-tracking...
HIMA introduces turbine safety solutions at POWER-GEN International
The HIMA SIL 3 platform combines all safety functions and machinery control, including overspeed trip and anti-surge control and meets all...
Kistler's maXYmos process monitoring system boosts P.J. Hare's quality control
P. J. Hare focuses its development work primarily on hydraulic presses for use in the automotive supply sector. Because customers require traceable...
Phoenix Contact and Flowserve join Endress+Hauser's Open Integration Partner Program
Endress+Hauser’s Open Integration Partner Program strives to mitigate risks when commissioning customer plant by ensuring that operators can...
Honeywell provides IIoT connectivity to Delek Refining
Delek Refining will use an Industrial Internet of Things (IIoT)-based Connected Performance Services (CPS) offering to improve the performance of...
TrendMiner appoints John Miller and Edwin van Dijk as Vice Presidents of Strategic Accounts,...
Miller’s primary focus is to support current accounts and manage the company’s growth strategy by working closely with prospects and new...