Critical Infrastructure: Hackers Successfully Target German Steel Mill

Uploaded on 2015-01-22 in BUSINESS-Production-Manufacturing, FREE TO VIEW, TECHNOLOGY--Hackers

Hackers infiltrated a German steel mill and made it impossible to safely shut down a furnace, according to a German security report quietly published before the new year. The breach, which caused “massive” damage, marks just the second time a digital attack caused physical damage, highlighting growing fears that cyberwarfare will soon impact more than computers and networks.

German Steel MillFew specifics are provided in Germany’s Federal Office for Information Security report, first obtained by Wired, other than that the hackers obtained access via a spearphishing attack before quickly moving across a “multitude” of sensitive corporate networks. Who the hackers were, how long they were in the system, whether they intended to destroy the furnace and what, if any, other equipment they accessed all remains unclear.

“The know-how of the attacker was very pronounced not only in conventional IT security but extended to detailed knowledge of applied industrial controls and production processes,” said the German-language report, according to a Wired translation.

This hack comes after the U.S. and Israeli governments deployed the Stuxnet worm against the Iranian government, which is believed to have destroyed nearly one-fifth of the country’s uranium enrichment facilities used to make nuclear weapons. When that malware was discovered in 2010, cybersecurity experts warned that it would only be a matter of time before civilian infrastructure – like hospitals, banks, power grids or any number of possibilities – would be targeted by malicious actors.

“Countries realize that cyber espionage is a heck of a lot easier than anything else,” Chris Bronk, a former U.S. State Department official, told Ars Technica in 2012. “Now the question is: To what degree [will we have] malware that is designed to impact the physical world? When is that going to become a more widely utilized capability?”

http://cyberwar.einnews.com/article/243380090/40jq3CtBpWs7_wui

http://www.wired.com/2015/01/german-steel-mill-hack-destruction/

« How Fraud & Cyber Security Will Evolve in 2015
UK Police Radios will be killed soon, but is 4G really the Solution? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

CERT Syria

CERT Syria

CERT Syria is the national Computer Emergency Response Team for Syria.

HDI Global SE

HDI Global SE

HDI Global SE provides customised insurance solutions for industrial and commercial clients worldwide including Cyber Liability insurance.

ACM-CCAS

ACM-CCAS

ACM is a UKAS-accredited certification body helping businesses around the world perform to a higher standard. Our certifications include ISO 27001 and ISO 22301.

Veritas Technologies

Veritas Technologies

Veritas provide industry-leading solutions that cover all platforms with backup and recovery, business continuity, software-defined storage and information governance.

H3Secure

H3Secure

H3 Secure focuses on Secure Data Erasure Solutions, Mobile Device Diagnostics and Information Technology Security Consulting.

Elron Ventures

Elron Ventures

Elron partner with early stage ventures to build companies that transform lives and industries. Our main areas of focus are enterprise software, cybersecurity, and healthcare.

Griffeshield

Griffeshield

Griffeshield is a company specialised in new information technologies used to protect Intellectual Property.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

Seknox

Seknox

Seknox TRASA™ protects your business from insider threats.

Anterix

Anterix

Anterix is focused on empowering the modernization of critical infrastructure and enterprise businesses by enabling private broadband connectivity.

Hackuity

Hackuity

Hackuity is a breakthrough technology solution that rethinks the way of managing IT vulnerabilities in enterprises.

Extreme Networks

Extreme Networks

Since 1996, Extreme has been pushing the boundaries of networking technology, driven by a vision of making it simpler and faster as well as more agile and secure.

Digital Catapult

Digital Catapult

Digital Catapult is the UK authority on advanced digital technology. We bring out the best in business by accelerating new possibilities with advanced digital technologies.

Teleskope

Teleskope

Teleskope are on a mission to empower businesses to protect sensitive data by default.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.