杏吧原创

Will software revamp guard grid against cyberattack?

A new operating system could protect power plants and other infrastructure from attack, but the approach may have its own loopholes
A virus could bring it down
A virus could bring it down
(Image: Paul Grover/Rex Features)

Hear the word 鈥渃yberattack鈥, and gas pipelines, factories and power stations aren鈥檛 necessarily the first targets that spring to mind. But such facilities are often controlled by software that lacks the appropriate defences. Now the cybersecurity company Kaspersky Labs, based in Moscow, Russia, is developing an operating system that it claims will block hacker or malware attacks on critical infrastructure.

Such attacks are not merely a theoretical possibility. In 2010, the Stuxnet worm, which some observers suspect was developed by US and Israeli intelligence agencies, exploited vulnerabilities in supervisory control and data acquisition (SCADA) software. The worm wrecked hundreds of centrifuges at Iran鈥檚 Natanz nuclear facility, temporarily derailing its uranium enrichment programme.

Eugene Kaspersky, the firm鈥檚 co-founder, says its will prevent such attacks by stopping SCADA software from sending malicious commands to programmable logic controllers. PLCs are specialised computers that operate pumps, relays, motors, vents, circuit breakers and other industrial equipment.

SCADA software often runs on Windows-based PCs. To avoid downtime, these computers are rarely given software updates and antivirus patches 鈥 making them vulnerable to attack.

Verified mathematically

Kaspersky鈥檚 solution is to build an operating system dedicated to running SCADA software and controlling PLCs. It will be built from scratch 鈥 so will be not be based on existing software 鈥 and will contain a bare minimum of code, making it possible to verify mathematically that the system is free of vulnerabilities that could be exploited in an attack.

This so-called 鈥渇ormal verification鈥 procedure will ensure it is for the operating system to run unauthorised malicious commands, says Kaspersky.

While details on how the system will work are scant, Robert Ghanea-Hercock, chief security researcher at BT Laboratories in Ipswich, UK, reckons the new operating system will run existing SCADA software in a safe 鈥渟andbox鈥 module that is constantly monitored for malicious activity. 鈥淚 hope it succeeds,鈥 he says. 鈥淪omething needs to be done to protect global critical infrastructure from hacktivist groups.鈥

Some critics, however, think Kaspersky may have the wrong target in his crosshairs. Ralph Langner, the security engineer based in Hamburg, Germany, who first worked out how Stuxnet launched its assault, thinks that instead of focusing on the operating system, we should be concentrating on fortifying the SCADA software. 鈥淭he security problems of production plant controllers are not at the operating system level, they are at the application level,鈥 Langner says.

Wrong choice?

There may also be a more fundamental problem. Formal verification may simply be the wrong choice, says , a researcher at the Laboratory for Cryptography and Systems Security in Budapest, Hungary, which has been in the vanguard of investigating Stuxnet and its ilk. Bencs谩th warns that only small programs can be mathematically verified, limiting the versatility of the systems in question. While Kaspersky鈥檚 efforts may stymie some attacks on the low-hanging fruit, 鈥渢here is no uncrackable system鈥, he says.

Indeed, some attackers are trying novel tricks, says Victor Sheymov, a former Soviet KGB cryptographer who defected to the US in 1980 and who, after a stint at the US National Security Agency, now works in computer security. He says that Kaspersky鈥檚 system fails to address the emerging attack trend, which bypasses software entirely to target hardware. 鈥淲hatever attacks are possible in software can now be done with maliciously corrupted hardware,鈥 he says. 鈥淔ortifying operating systems, like robust versions of Linux, only helps against primitive attacks.鈥

Mirroring recent utterances from the US Intelligence Committee, which has been urging US buyers not to buy Chinese-built internet routers on security grounds, Sheymov believes some firms will be wary of Kaspersky鈥檚 system simply because it is Russian. 鈥淚n the west, we cannot guarantee that the computer products of any Russian company can be free of a back door to the Russian government,鈥 he told New 杏吧原创.

Whether or not Kaspersky succeeds, however, there may be a larger benefit. Langner predicts one benefit of a commercial antivirus vendor like Kaspersky entering this space: it could motivate SCADA companies like Rockwell and Siemens to finally address the issue of cybersecurity at industrial sites and utilities. With more sophisticated attacks on the rise, perhaps commercial competition is the best hope.

Topics: Computer crime / Energy and fuels