Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware
March 3, 2011 - Preventing the next Stuxnet-like attack on the control world might be impossible, but operators can mitigate the effects and contain worms and viruses through early detection. Phoenix Contact’s new white paper explains how the FL mGuard with CIFS Integrity Monitoring can provide early warning about malware similar to Stuxnet.
Researchers at the University of Ostwestfalen-Lippe in Lemgo, Germany, have confirmed that the mGuard would have recognized the manipulations of the Stuxnet worm on day zero of the infection. Despite the attention Stuxnet has received, most cyber security experts now say that the greater threat to control systems is not from Stuxnet itself, but from copycats who could use Stuxnet as a blueprint for future attacks.
The mGuard is a security device that provides stateful firewall, router and VPN capabilities in a single, rugged package. The mGuard’s CIFS Integrity Monitoring function allows the user to monitor configurable sets of files for unexpected modifications of executable code. When initialized, it computes a baseline of signatures for all monitored objects, then periodically checks them for any deviations.
The mGuard discovers suspect modifications promptly, and reports them via SNMP and e-mail. If Stuxnet or another piece of malware had modified a monitored Windows file, mGuard would have picked it up and notified the network management system or responsible administrator.
The white paper also explains other preventive steps the user can take to contain any malware that the mGuard would detect.
Click here to download “Post-Stuxnet Industrial Security: Zero Day Discovery and Risk Containment of Industrial Malware,” by Torsten Rössell of Innominate Security Technologies.
About Phoenix Contact
Phoenix Contact develops and manufactures industrial electrical and electronic technology products that power, protect, connect and automate systems and equipment for a wide range of industries. Phoenix Contact GmbH & Co. KG, Blomberg, Germany, operates 47 international subsidiaries, including Phoenix Contact USA in Middletown, Pa.
MORE WHITE PAPERS NEWS
Internet of Things Primer
By Opto 22
You’ve probably heard about the Internet of Things (IoT), or the Industrial Internet of Things (IIoT), also called Industry 4.0,...
Eight Tips to Optimize Your Industrial Wireless Network
An effective communication infrastructure can make it possible for industrial equipment to deliver high levels of reliability,...
ProSoft Connect demonstrates the benefits of a Container and Microservices cloud architecture
By Keith Blodorn, ProSoft Technology
This paper describes the Container and Microservices architecture and illustrates how ProSoft customers...
Manufacturing Execution System Enables Aerospace Manufacturer to Produce Safety Critical Electronics
By Anthony Borges, PINPoint Information Systems
This document summarizes the manufacturing execution system (MES), or manufacturing operations...
Open Innovation Platform Helps Shape the Landscape of IoT Applications
Open innovation is the key to overcoming obstacles for IoT development currently hindered by vast amount of different protocol standards that...
ISA to participate in the Canadian Cybersecurity Alliance
The primary purpose of the CCA-ACC is to enhance the professionalization of the Canadian cyber domain through effective inter-association...
Flowserve Collaborates with NI, HP and PTC to Enable Predictive Maintenance for Process Control
By Cory Fogg, Automation.com
Efficient predictive maintenance has been a goal of the process industry for ages. This article discusses the efforts...
2016 ISA Process Control & Safety Symposium and Exhibition features three acclaimed speakers
Attending engineers, technicians and plant managers will be able to gain the latest insights, news and trends in process measurement and control,...
Adding Wireless Instruments to Existing Networks
By Moazzam Shamsi, Emerson Process Management
Once a wireless infrastructure is in place, new instruments can be added quickly and easily by...
Siemens receives TÜV SÜD certification at 7 German sites
The TÜV SÜD certificate is based on the standard IEC 62443-4-1. This standard includes security-relevant requirements such as capabilities and...