Stuxnet: The new type of virus
The past few months have seen a lot of discussion about the Stuxnet virus. The virus targets unprotected Siemens PLCs, but the main focus of the media attention has been more on the political side – that someone (the US govt?) has been targeting Iranian nuclear facilities to try and disrupt them.
That side of the story is interesting, but what I find more interesting isn’t the political part, but the underlying story: that viruses are now being made to target things other than PCs. While that’s not new news, it is something to think about.
Every modern industrial building, including Data Cave’s data center, has a number of building automation pieces that all work together to keep things ticking. For example, our chillers have small onboard computers that keep the units running, with external interfaces that we use to talk to them. These aren’t desktop computers and they aren’t running Windows, but they are running software, and someone could potentially target them with a virus.
What’s interesting about Stuxnet is that it targets PLCs (Programmable Logic Controllers), which are very common products in the industry. In my experience, much of this equipment comes with factory default login information, things like “admin/password”. Very insecure. Historically, these products were quite standalone and required someone to physically connect to them to program them. But over time, these devices have been integrated into modern networks for convenience, without much thought given to the attack vector this opens.
What this means is that all throughout the industrial world, important logic computers are running very advanced building automation systems, attached to an unprotected network, with default login credentials that have never been changed.
The virus/malware authors recognize this as a new method of attack and are now beginning to take advantage of it. This is something we’ve been thinking about for a long time, and we’ve gone to great lengths to ensure our data center is protected from these types of attacks, by keeping certain critical infrastructure off-net or by using secure gateways to contain the infrastructure that needs to be networked.
We’d love to share more about our facility and design. Contact us for more information.