Energy assets 'in front line of cyber war'
Dubai, May 31, 2012
Global energy infrastructure is more vulnerable than ever in an escalating cyber war thanks to "sons of Stuxnet" electronic missiles, which can be created from the virus designed to sabotage Iran's nuclear programme.
Cyber espionage is on the rise, with Chinese hackers stealing field data and cutting-edge technology from energy companies around the world since at least 2009, according to leading security firm McAfee (part of Intel Corp).
But the biggest threat to everything from power grids to digital oilfields may come from malware based on the Stuxnet worm, widely thought to have been sponsored by western government agencies, security experts say.
Cyber weapons like Stuxnet that can take control of plants appear to be more of an operational danger than the recently-discovered Flame virus, which seems designed to gather data.
"Stuxnet really showed people you could do this, that is the problem. I cannot imagine any major government agency not developing an offensive capability," Eric Byres, a leading authority on critical infrastructure security, told Reuters.
Byres, who advises governments and multinationals on cyber security, said government agencies could seek to infiltrate energy infrastructure in case of political tension. "That is one of the risks, that we are weaponizing our entire energy industry, or leaving weapons inside it, just in case."
Governments are concerned that energy and communications networks would be the first victims of any conflict with a cyber-savvy aggressor.
"It is believed that would be part of any form of warfare - that they would take out private sector infrastructures as part of knocking out a country," said Paul Dorey, who managed BP's digital security until 2008 and is now professor of information security at the University of London.
The stable relationship between the US, Russia and China, means there seems little chance of they will try to disrupt one another's energy networks any time soon. But Iran has been bombarded with cyber bugs during its intense nuclear standoff with the west, with the virus known as Flame detected in April and a worm called Duqu, designed to gather intelligence on industrial infrastructure for future attacks, found last year.
The US is by far the biggest source of general malicious activity on the internet, data from anti-virus software maker Symantec Corp indicates, but targeted industrial espionage largely comes from Asia.
"Targeted attacks are increasing dramatically. It could be state sponsored or it could be just hacktivists or it could be a cyber criminal organisation. But we know the number one target is government institutions and the second is manufacturing, including oil and gas," Bulent Teksoz, Symantec's chief security strategist for emerging markets said.
According to data from the Repository of Industrial Security Incidents, power and transportation companies see the greatest number of major cyber security problems. Most of those incidents result in some loss of production or equipment control.
Until Stuxnet, breaking into supervisory control and data acquisition (Scada) systems running most of the world's industry was thought to be beyond most hackers.
Thanks to its groundbreaking code now leaked and freely available on internet, any competent cyber criminal group could use it to spear Scada security that controls vital infrastructure around the world. "Stuxnet does provide a delivery vehicle, for non state actors to use, that is a direct threat to critical infrastructure," said Alexander Klimburg, senior cyber security adviser at the Austrian Institute for International Affairs.
"They have to go and develop their own warhead but you have given them a cruise missile... It's perfectly possible that Stuxnet could be adapted for cyber terrorism purposes and that is a real concern."
Byres, who designed the leading industrial firewall system, said that although the original cyber weapon targets Siemens systems which controlled Iran's Natanz centrifuges, its parts could be adapted to take control of any industrial controller. It has had some impact on at least 22 other installations, including a US metals factory, he said. - Reuters