A Cyberattack Has Caused Confirmed Physical Damage for the Second Time Ever

[InfoSec News <alerts () infosecnews org>]

http://www.wired.com/2015/01/german-steel-mill-hack-destruction/

By Kim Zetter
Threat Level
Wired.com
01.08.15

Amid all the noise the Sony hack generated over the holidays, a far more 
troubling cyber attack was largely lost in the chaos. Unless you follow 
security news closely, you likely missed it.

I’m referring to the revelation, in a German report released just before 
Christmas (.pdf), that hackers had struck an unnamed steel mill in 
Germany. They did so by manipulating and disrupting control systems to 
such a degree that a blast furnace could not be properly shut down, 
resulting in “massive”—though unspecified—damage.

This is only the second confirmed case in which a wholly digital attack 
caused physical destruction of equipment. The first case, of course, was 
Stuxnet, the sophisticated digital weapon the U.S. and Israel launched 
against control systems in Iran in late 2007 or early 2008 to sabotage 
centrifuges at a uranium enrichment plant. That attack was discovered in 
2010, and since then experts have warned that it was only a matter of time 
before other destructive attacks would occur. Industrial control systems 
have been found to be rife with vulnerabilities, though they manage 
critical systems in the electric grid, in water treatment plants and 
chemical facilities and even in hospitals and financial networks. A 
destructive attack on systems like these could cause even more harm than 
at a steel plant.

[...]

--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/