I was reading an article on the wire this morning about a nuclear power plant in Germany potentially compromised by cybersecurity problems. In the article, it was revealed that the infected system or culprit, was an old HMI station for moving control rods that was last updated in 2008. While this might escape discovery in an electronic security perimeter check, it should have been on a cybersecurity vulnerability assessment report as a system to remediate as soon as possible.
I know there are several challenges with upgrading and retrofitting process and manufacturing equipment, and that the challenges are even greater when they are nuclear control systems. I’ll concede that it is hard to know where all these devices are hidden on your networks. The list of devices just on the factory floor at level 1 and 2 in the diagram, can be overwhelming, But, it is professional cybersecurity and network experts jobs to find everything with some form of Ethernet protocol including industrial automation, building automation, access control systems, and all the Wifi 802.15.4 stuff. However, as the facility operators, it is careless to ignore the fact that the vulnerable legacy systems are on your network and then do nothing to protect them.
In many cases the legacy system can be isolated or protected using external devices like firewalls, encrypted tunneling, and oneway diode technology. If you cannot replace or upgrade the system to today’s standards, then you should be asking experts to help you hide it or remove it from the network.
If you would like to read the article, here is a link to the Reuters story, link.
About the feature image and the old fashion control panel, I bought this on iStockphoto because it reminded me of the control panels I sat at for 9 years when I ran a nuclear power plant for the US Navy. There weren’t any Ethernet devices hidden in here.