Same Dance, Different Partner

blast funaceThe German steelworks attack is nothing new. That is the worst part of it.

IT World ran a story on the attack that includes the line: “The hack sounds similar to attacks involving the Stuxnet worm.” That misses the importance of this attack, entirely.

This incident does not sound anything like Stuxnet. It sounds like Target. Home Depot. JP Morgan.

The most important aspect of the German steelworks attack is how much it has in common with any of the other compromises we are so used to seeing. There isn’t anything about this other than detail that differentiates it from the kind of attack used to move credit card numbers around.

Phish the pholks, pwn the network, poke about and achieve your goal.

The goal is figuring out how the financial system works and causing it to change its behavior so you get money? So be it.

The goal is figuring out how the electromechanical system works and causing it to change its behavior so you get damage to equipment? So be it.

The most important point is that there is nothing new here. Only the victim.

Stuxnet was a  massively resourced, years-long attack against a hardened military target. It stands virtually alone in a cybersecurity history littered with run-of-the-mill incidents.  The possibility of copycat incidents is easy to brush off by industrial operators.

I’m just a steelworks. A manufacturer of cars. A water facility, electrical distributor, food processor. That can’t happen to me.

With this attack, those industrial operators cannot wave aside the concern. There is no obvious backstory here of Intelligence Spooks with infected USB drives. No black site where the facility has been replicated at great expense. All there is to this story is yet another external persistent threat who found their way in, figured systems out, and made bad things happen.

Like Home Depot. TJ Maxx. Sony.

If an industrial facility can imagine a motivation someone might have to harm them, they should now be imagining their physical systems being used to cause that harm.

This isn’t a new dance, it is the same dance that has been going on for years. The only thing different is that the dance has a new partner.


This entry was posted in Chair's Corner. Bookmark the permalink.