Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware
March 3, 2011 - Preventing the next Stuxnet-like attack on the control world might be impossible, but operators can mitigate the effects and contain worms and viruses through early detection. Phoenix Contact’s new white paper explains how the FL mGuard with CIFS Integrity Monitoring can provide early warning about malware similar to Stuxnet.
Researchers at the University of Ostwestfalen-Lippe in Lemgo, Germany, have confirmed that the mGuard would have recognized the manipulations of the Stuxnet worm on day zero of the infection. Despite the attention Stuxnet has received, most cyber security experts now say that the greater threat to control systems is not from Stuxnet itself, but from copycats who could use Stuxnet as a blueprint for future attacks.
The mGuard is a security device that provides stateful firewall, router and VPN capabilities in a single, rugged package. The mGuard’s CIFS Integrity Monitoring function allows the user to monitor configurable sets of files for unexpected modifications of executable code. When initialized, it computes a baseline of signatures for all monitored objects, then periodically checks them for any deviations.
The mGuard discovers suspect modifications promptly, and reports them via SNMP and e-mail. If Stuxnet or another piece of malware had modified a monitored Windows file, mGuard would have picked it up and notified the network management system or responsible administrator.
The white paper also explains other preventive steps the user can take to contain any malware that the mGuard would detect.
Click here to download “Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware,” by Torsten Rössell of Innominate Security Technologies.
About Phoenix Contact
Phoenix Contact develops and manufactures industrial electrical and electronic technology products that power, protect, connect and automate systems and equipment for a wide range of industries. Phoenix Contact GmbH & Co. KG, Blomberg, Germany, operates 47 international subsidiaries, including Phoenix Contact USA in Middletown, Pa.
MORE WHITE PAPERS NEWS
Infinity QS releases whitepaper on automated food safety guidelines
The increasing availability of the tools that facilitate higher levels of manufacturing productivity and quality creates an opportunity for...
Your Guide to Outsourcing Electrical Control Panels
Does building electrical control panels drain time and resources from your core business? The decision to outsource can be challenging for...
NEXCOM Simplifies OT-IT Convergence to Scout for Factory Intelligence
NEXCOM IoT Automation Solution offers manufacturers a feasible, holistic approach to control, communication, and cloud integration, fast-tracking...
OPC UA PubSub: Bringing the Power of the Cloud to Industrial Automation
By Randy Armstrong, Sparhawk Software
The widespread deployment of cloud based solutions has many factory operators wondering how they can take...
Semiconductor devices are an essential part of our daily life. Without integrated circuits, we would not have computers and smartphones. And...
ISA and Beamex join to host flowmeter calibration webinar
The webinar, which will be held November 17 from 12-1:30 PM EST, will feature three automation experts: Nicole Meidl, Product Management Engineer,...
Nordson to introduce 3 new process solutions at The Assembly Show
As part of the exhibition floor at The Assembly Show, with over 260 exhibitors, Nordson EFD (Booth 821) will feature live demonstrations of several...
CC-Link announces Molex receives network certification for PCI Express interface cards
Molex, Inc. provides two CC-Link certified PCI-Express interface products that are designed to work as a complete solution including full and half...
True Cost of Ownership for Linear Position Sensors- Part 2
By Harold Schaevitz, Alliance Sensors Group
The second article, of a three part series, examines the strengths and weaknesses of industrial...
ISA opens Saudi Arabian training center at Jubail Industrial College
The Jubail-ISA Training Center brings ISA’s globally recognized automation and control instruction—as well as its certification review and...