Energy assets could be prime target for 'sons of Stuxnet' virus
SUBNET Solutions Inc | Thursday, May 31, 2012
The world's energy distribution infrastructure, which has become increasingly susceptible to cyber attacks in recent years, could soon face more risk than ever with the development of "sons of Stuxnet" electronic missiles, Reuters reports.
The viruses can be derived from the Stuxnet virus, which was originally believed to have been developed to secretly subdue Iran's nuclear energy program. Although cyber espionage is nothing new - it has been known for years that that Chinese hackers have stolen data and technology from global energy companies - Stuxnet and similar malware poses a much greater problem.
These cyber weapons can attack electricity grids and power plants, taking control of their operations. Such an attack comes with much more disastrous consequences, compared to the recently discovered Flame virus, which only gathers data.
"Stuxnet really showed people you could do this, that is the problem. I cannot imagine any major government agency not developing an offensive capability," Eric Byres, an expert on critical infrastructure security, told the media outlet.
As smart grid deployments increase around the world, government officials are worried that energy generation and distribution systems could be the first targeted by cyber attackers, as new remote technologies have created a highly vulnerable grid.
"It is believed that would be part of any form of warfare - that they would take out private sector infrastructures as part of knocking out a country," said Paul Dorey, who once managed BP's digital security and now teaches information security at the University of London.
Data from the Repository of Industrial Security Incidents supports these claims, stating that power companies are subject to the most serious cyber security issues. Before Stuxnet, utilities believed hacking into SCADA systems was virtually impossible. That, however, has changed.
"Stuxnet does provide a delivery vehicle, for non-state actors to use, that is a direct threat to critical infrastructure," said Alexander Klimburg, senior cyber security adviser at the Austrian Institute for International Affairs. "It's perfectly possible that Stuxnet could be adapted for cyber terrorism purposes and that is a real concern."
SUBNET, a Microsoft Gold Certified Partner, regularly updates its products to stay current with any cyber threats that are discovered. By using SUBNET's solutions and products, utilities can ensure their smart grid endeavors adhere to NERC CIP regulations, which were developed to help keep North American electric infrastructure safe from cyber attack.
Substation Cyber Security