Chemical Processing-August 2008

Multiple paths for infection Internet Figure 2. Most chemical plants suffer from a wide variety of vulnerabilities. Infected remote support Ö Ofﬁce LAN Ö Unauthorized connections Mis-conﬁgured Firewalls Ö Ö Infected laptops Ö Modems Plant network Ö USB drives Control LAN Third party issues External network Ö RS-232 links Ö PLCs) were tested using standard IT security tools (such as Nessus and Netwox) that are available to the average attacker. Almost half of the devices failed the tests, usually due to communications breakdowns, system crashes and unprotected services. For experts in the field these results weren’t all that surprising — the majority of PLCs and DCSs currently in use offer no authentication, integrity or confidentiality mechanisms and can be controlled by anyone who can “ping” the device. Nor can they be easily updated or have security features added to them. DEfEnsE in DEpth one control-system-to-business link. Once a complete list has been compiled, each pathway should be analyzed for its potential security impact. Assuming “no hacker would use that pathway” isn’t a route to good security. Easy targEts Once a misguided employee, virus or hacker does get past the main business or control-system firewall, the typical control system is an easy target for attack. Poorly patched Windows-based computers abound and antivirus software is the exception rather than the rule. For example, during a security survey conducted at a major refinery we discovered that only 55% of the Windows 2000/XP machines in control rooms had the patch that prevented Blaster infections and even fewer, 38%, had the patch for the Sasser Worm installed. Yet both of these patches had been available for more than two years and were approved by the control system vendor at the time of the survey. Even the most inexperienced hacker could have taken over this control system in a matter of hours. A typical plant’s actual control devices such as the programmable logic controller (PLC) or distributed control system (DCS) are even softer targets than unpatched PCs. In a study by CERN, Europe’s laboratory for high energy physics, 25 industrial control devices (mostly August 2008 chemicAlprocessing.com 24 Sound strategy, regardless of whether it’s for military, physical or cyber security, relies on “defense in depth.” Effective security is created by layering multiple security solutions, so that if one is bypassed, another will provide the defense. This means not over-relying on any single technology such as a firewall. Firewalls aren’t bad technology — in fact they’re a fantastic tool in the security tool box — but industry has misused them by believing they will solve all security ills. Defense in depth begins by creating a proper electronic perimeter around the control system and then hardening the devices within. The security perimeter for the control system is defined both by policy and http://chemicalprocessing.com

Table of Contents Feed for the Digital Edition of Chemical Processing-August 2008

Chemical Processing- August 2008 Contents From the Editor ChemicalProcessing.com Field Notes In Process Energy Saver Compliance Advisor Protect your Plant What’s on Tap for Water? Keep Operations Safe Polystyrene Plant Gains Extra Output and More Process Puzzler Plant InSites Equipment & Services Adlits Product Spotlight/Classifieds Ad Index End Point

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.