Page 47: of Offshore Engineer Magazine (Sep/Oct 2013)

Read this page in Pdf, Flash or Html5 edition of Sep/Oct 2013 Offshore Engineer Magazine

A congressional source says physical damage. The virus

HSEQ a tailored attack, directed to was only confgured for Iranian “Cyber attack and terrorism have now moved target a facility through widely nuclear facilities. It wasn’t into the automation and process safety stage.” distributed malware, could designed to spread, US offcials have dangerous repercussions. say. But it did.

Steve Elliott director of Triconex product management

When infected devices have It provides scant comfort to

Invensys Operations Management been connected to isolated know that in spite of the fact networks, malware can spread “thousands of places around like wildfre and create electrical blueprint of Iran’s centri- the world were infected but only one serious problems. In one instance, fuges, with the data sent back to the was damaged,” the Iranian facility malware on a facility in the Gulf of National Security Agency in Maryland. at Natanz, Lewis says. While past

Mexico caused a system to lock up, The second stage, a trigger, added attacks focused on swiping terabytes says Misha Govshteyn, co-founder of “Zero Day exploits” that can cause of sensitive corporate data to gain

Alert Logic, a network security com- pany. “They literally had a worm that was fooding their network, and they’re out in the middle of the ocean.”

A congressional source says if companies understood how Stuxnet propagated throughout the industrial control system at the Natanz nuclear enrichment facility in Iran, then it

No limits would be very easy to understand how an attacker could get into a system to control an offshore platform. With enough knowledge of a facility like an oil platform, refnery, or pipeline network, a cyber attack that used distributed malware, could lead to real physical damage.

SCADA attacks

In the past, infrastructure networks were locally isolated and discon- nected from the outside world. It was “security via obscurity.” However, the

Stuxnet virus was the trigger that laid bare the weaknesses and vulnerabili- ties of the industrial control systems.

Elliott says a major trend in process safety and prevention continues to

Our innovative mindset makes be integration of control and safety us freerunners in heart and soul; when appropriate or systems. He added there is also a trend necessary, we push the toward open standards and networked envelope of our competencies. solutions, not just at the automation

After all, what matters in the level but also at the business and IT end is the result: the perfect deck that meets the highest levels. Yet, he says, more and more standards in terms of digital communication technology functionality and durability. remains at the heart of these advances,

Bolidt ship decks are rugged, the threats will only get greater, “espe- shrink-resistant and able to withstand varying loads and cially considering that digital commu- weather conditions.

nication extends into the feld.”

Bolidt, no limits.

“Stuxnet is an interesting weapons design,” Lewis says. “You need to introduce the virus and then you need to trigger it. It only works against a spe- cifc confguration.” The frst stage of the virus uses a “beacon” that performs surveillance of the target, mapping an September 2013 | OE 49

OffshoreEnginee.13-04-12.indd 1 12-04-13 11:19 044_OE0913_HSEQ_4_AdvPerThreat.indd 49 8/18/13 12:16 PM

Offshore Engineer