A decade after Stuxnet, critical infrastructure remains under threat

Wednesday, July 29 2020 19:41

Automated production chains need to redouble the attention and care given to their SCADA systems

At a time when the world is facing SARS-CoV-2, which is driving the so-called fourth industrial revolution, or Industry 4.0, with massive investment in the installation of smart devices in industrial environments, the attack of another type of dangerous virus turns 10 years old: in 2010, Stuxnet, a sophisticated piece of malware, infected systems used to control equipment and even contaminated systems used in nuclear facilities in Iran and India. The malware was responsible for what is considered the first cyber-physical attack in the world. Its main targets were industrial automation control and monitoring systems, known by the acronym SCADA.

Using several unpatched flaws to attack and maintain itself in these systems, Stuxnet was able, for example, to cause failures in centrifuges that enriched uranium in an Iranian plant, and it took six months to be detected. Kaspersky data at the time indicated that India was the country with the most Stuxnet activity (at least 86 machines were infected), followed by Indonesia and Iran. In times of a pandemic, the memory of this worm makes the industry think about the importance of redoubling concern and care for intelligent production chains, in order to close all doors to similar new attacks.

Ten years later, the case is still a reference point for showing the weaknesses of critical systems: although security technology has evolved, many companies still accept the risk of being suddenly halted by a hacker attack and do not invest in protection. Thiago Branquinho, CTO of TI Safe, reinforces that cyber-physical attacks require cyber-physical protection. "Companies need to protect themselves completely, from the entrance to user access to critical systems and data. Awareness is essential for people to understand their security responsibilities and to establish the first layer of protection," he says.

Technical controls include, but are not limited to:

- A next-generation antimalware solution installed and configured on all endpoints on the network.

- Strict user access control, with multiple authentication factors.

- Network segmentation in a zero-trust architecture.

- Backup and recovery controls.

- Continuous monitoring of networks and systems.

Last modified Thursday, 30 July 2020 11:45

Copyright © 2007-2020 - IT Safe Information Security - All rights reserved.