David Robinson, UK country manager of Norman Data Defense Systems (UK), explains why companies in the manufacturing, process and utility industries are under a considerable and increasing threat from inadequate anti-virus provision.
Computer viruses, worms and Trojan horses are increasing at such an alarming rate that the manufacturing, process and utility industries are under considerable threat from inadequate anti-virus provision. Some figures show that more malware was created in 2007 than in the previous 20 years. So it is not surprising that so many firms just have not been able to keep up. Sadly, the traditional methods they use to protect themselves against these threats often have more holes than a piece of Swiss cheese.
This means that malware is posing a greater threat to process and control systems than ever before. In the office environment it is relatively easy to ensure that PCs are covered by up-to-date anti-virus software, but in the factories, on the plant floor, anti-virus security is often ignored. Plus there is limited control over who connects what to the control and process systems. For example, a few years ago the safety monitoring system of the Davis-Besse nuclear power plant in America was infected with the Slammer worm, which bypassed the plant's firewall via a contractor's laptop. More recently a CIA official revealed at the SANS security trade conference in New Orleans that hackers have penetrated power systems in several regions outside the US and, in at least one case, caused a power outage affecting multiple cities.
Much of the problem is a lack of understanding of the risks associated with increased connectivity between former 'islands of automation' such as process plants, manufacturing sites, distribution centres and so on, and the business systems operated in companies' head offices. Many firms do not run any security software across their production networks - which will most likely be running old versions of operating systems that remain unpatched. It is asking for trouble.
The main methods of entry for malware include internet browsing and downloading, email, USB keys and external connections. So the most important thing is for the IT experts to be responsible for the protection of the whole organisation, including manufacturing and plant networks, and not to confine themselves to the office alone.
Malware is such a huge and growing menace that organisations should see it as a company-wide priority at board level, and not be lulled into a false sense of security because everyone's PC in the office has up-to-date AV cover.
The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the US Department of Homeland Security and the public and private sectors. This organisation maintains a database of vulnerabilities and its website (www.us-cert.gov) gives access to news about newly discovered vulnerabilities as well as security updates. So, for example, if you have machinery or process equipment running Windows NT, you can type 'windows nt' into the search box to find security alerts and other important information relating to this operating system.