Greenfield
Factory Automation
Bassett
Batch Processing
Hand
Process Automation
Reynolds
Packaging Automation
Mintchell
Industry Coverage
Download this free 94-page Continuous Process Playbook loaded with industry expert advice on topics ranging from control systems, instrumentation, and industrial networks to energy management, security, and system upgrades.

Power Plant Off-Line Three Weeks Due to Malware

I just got off the phone with Joe Weiss, noted control system cybersecurity consultant. He was filled with information, as always.
January 24, 2013 | By Gary Mintchell
POSTED IN: Cyber Security
print email

What do you think it would take to keep a power plant shut down for three weeks? Or even what the cost would be to take a power plant offline for that long? I'm thinking a crisis in the control system for the first answer, and more than a million dollars for the second.

Well, Weiss noted that ICS-CERT disclosed that a power plant was shut down for that long because of financial malware found on the control system network. That malware was apparently generated by "criminal software," which had been previously used to perpetrate financial crimes. Seems that a technician "unknowingly" inserted an infected USB computer drive into the network.

The IT department has a zero-tolerance policy for such malware and shut down the control system. Such industrial control system security authorities as ISA99 have been building a best practices around risk analysis and risk management. Such an analysis would have said that since the financial malware could not affect the control system and that the control system could easily be taken off the network, that it was a waste to shut down the plant.

The IT department took the decision away from the plant manager and took action by default.

His analysis:
- Control systems were designed to operate automatically independent of the network. In fact, a control system can continue to operate even with the network shut down.
- Many critical infrastructure control systems run Windows XP and Windows 2000 that have "auto run" features enabled by default making them an easy target for infection because malicious software loads as soon as a USB is plugged into the system unless operators change the setting (see Stuxnet). Many times, this includes turbine controls.
- Control system vendors use USBs to update firmware and other functions. There have been cases where the control system vendors' USBs contained malware.
- Little work has been done to determine if malware can impact control system performance. When do you care about the impact of the malware on control system performance?
- Patching control systems often is not done expeditiously because of the potential for shutting facilities down. Unfortunately this has already happened.
- There is a very significant cost when power plants and other large industrial facilities are not operating. This could be tens of thousands up to millions of dollars/day depending on the facility.

In this case, the IT department took the decision away from the plant manager and took action by default without looking at the situation or the business case.

Weiss concludes with the question, what if someone put even a placebo malware on a network with the sole intent of shutting down the process and IT shut the system down without a risk analysis?

Gary Mintchell has either worked in or covered manufacturing for his 30+ year career that included stints in product development, manufacturing engineering and IT-related projects. Having helped found Automation World in 2003, Gary retired from his day-to-day editor-in-chief duties in 2013. He continues to cover automation technology developments and related industry trends for Automation World. Contact Gary at [email protected] or follow him on twitter @garymintchell.
1

Comments

Submitted by Joel "the SCADA... (not verified) on Tue, 2013-02-12 12:13
I would like to clarify one of Joe's points to avoid confusion with many people who are becoming familiar with industrial control systems (ICS) that may have an IT background. As the word implies, a control "system" consists of multiple components, all inter-networked ... whether through open, industrial Ethernet or proprietary topologies. A CONTROLLER is one such component within the system, and it is these devices that are designed to operate autonomously in the absence of a network. However, without a network, nearly all systems lack the ability for the operator to interact with the controller (exceptions would include local panels connected via private path serial or network connections and safety-instrumented systems designed to be autonomous and provide fail-safe control of the plant or process). So let's be sure and set the record straight ... though the controller COULD operate autonomously, most operators will begin to shut down the plant or process if human interaction is not regained in a short period of time. This is like trying to drive a car with your eyes closed! ... the car will still run, but you won't know where you are driving! The last thing I would want is for someone to believe that a control system could run without a network for 3 weeks! Stay safe ...

Add new comment

 

  NEWSLETTERS
Don’t miss intelligence crucial to your job and business!
Click on any newsletter to view a sample. Enter your email address below to sign up!

News Insights

News & Analysis

Product Insights

Latest Automation Products

TalkPoints

Automation Columnists

Feed Forward

Latest from Gary Mintchell

Automation Focus

Sponsored white papers, videos and products

Process Automation

Industry Trends & Applications

Motion Control

Machine & Motion Control

Automation Skills

Improve Industry Skills

Industrial
Ethernet Review

Network Application of IE

Packaging
Automation Review

Trends in Packaging Automation

Safety
Automation Insights

The How & Why of Safety

Global Edition

Global automation news

Each newsletter ranges in frequency from once per month to a few times per month at most.
Wired & Wireless Cover
E-Book Special Report
Networks: Wired & Wireless
Sign up to receive timely updates from our editors and download this FREE Special Report exploring the most widely adopted protocols for fieldbus, Ethernet and wireless networking in the process industries, as well as the latest trends in wireless applications.
x