Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware
March 3, 2011 - Preventing the next Stuxnet-like attack on the control world might be impossible, but operators can mitigate the effects and contain worms and viruses through early detection. Phoenix Contact’s new white paper explains how the FL mGuard with CIFS Integrity Monitoring can provide early warning about malware similar to Stuxnet.
Researchers at the University of Ostwestfalen-Lippe in Lemgo, Germany, have confirmed that the mGuard would have recognized the manipulations of the Stuxnet worm on day zero of the infection. Despite the attention Stuxnet has received, most cyber security experts now say that the greater threat to control systems is not from Stuxnet itself, but from copycats who could use Stuxnet as a blueprint for future attacks.
The mGuard is a security device that provides stateful firewall, router and VPN capabilities in a single, rugged package. The mGuard’s CIFS Integrity Monitoring function allows the user to monitor configurable sets of files for unexpected modifications of executable code. When initialized, it computes a baseline of signatures for all monitored objects, then periodically checks them for any deviations.
The mGuard discovers suspect modifications promptly, and reports them via SNMP and e-mail. If Stuxnet or another piece of malware had modified a monitored Windows file, mGuard would have picked it up and notified the network management system or responsible administrator.
The white paper also explains other preventive steps the user can take to contain any malware that the mGuard would detect.
Click here to download “Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware,” by Torsten Rössell of Innominate Security Technologies.
About Phoenix Contact
Phoenix Contact develops and manufactures industrial electrical and electronic technology products that power, protect, connect and automate systems and equipment for a wide range of industries. Phoenix Contact GmbH & Co. KG, Blomberg, Germany, operates 47 international subsidiaries, including Phoenix Contact USA in Middletown, Pa.
MORE WHITE PAPERS NEWS
Discussing the Power of Configurable Process Control
By Anthony Borges, Pinpoint Information Systems
The power of an MES System or configurable process control system is now well beyond that of what...
FCI aims to enhance gas and air ratio control with ST100 flow meter
Installing a direct mass device in the process control loop offers a number of advantages. It allows the operator to achieve a direct ratio of...
An Introduction of Tibbo's AggreGate SCADA/HMI
By Victor Polyakov, Tibbo Systems
This whitepaper is an introduction AggreGate IoT Platform-based products. In 2010, two years after AggreGate...
Industry 4.0-based Network Manager Ensures Solid Industrial Connectivity
With the hot topics of Industry 4.0, Industrial Internet of Things (IIoT), intelligent automation and so forth emerging into the market, factory...
Infinity QS releases whitepaper on automated food safety guidelines
The increasing availability of the tools that facilitate higher levels of manufacturing productivity and quality creates an opportunity for...
Cloud-Based MES: The effort to empower small manufacturers
By Bill Lydon, Editor, Automation.com
In this day and age, it can sometimes seem like the small manufacturer is getting buried underneath the...
ISA Director: Oil & Gas facilities must take action now to protect against cyberattack
Patrick J. Gouhin, speaking at a Bloomberg LIVE conference in Houston, Texas on the future of cybersecurity in the US oil and gas sector, urged...
Siemens announces collaboration in 'Road to Digital Production' research project
The declared aim of the 26-month project is to advance the development of products and technologies enabling the implementation of digital...
Improving Worker Safety with Automatic Tank Gauging
By Christoffer Widahl, Emerson Automation Solutions
Manual tank gauging at oil and gas extraction sites is a dangerous and potentially fatal...
Wibu-Systems' CodeMeter used by Fritz Stephan to secure medical devices
CodeMeter protects the company’s intellectual property against counterfeiting and reverse engineering, safeguards its EVE devices from tampering,...