Before the first internet worm, computers on Arpanet trusted each other: things like rlogin were insecure, and NFS trusted callers to be who they said they were. Machines trusted each other. Not any more, at least not on the big net. But in the factories, clearly that's still the case: all those little machines controlling big things, with not enough passwords, or passwords that are baked into the ROMs and therefore widely known.
This is why Stuxnet is so profound: it's a message to factories. It says:
- Somebody is interested in accessing and possibly sabotaging an industrial facility
- If your controllers are built out of Siemens kit, it's either a target or collateral damage
- If your network isn't partitioned and firewalled, then if any copy of Stuxnet can get into the network, your factory belongs to them
- If your PCs are running WinXP or other windows operating systems, there are unpatched exploits it can use to gain root access and install its rootkit
- If your PCs allow network access to windows pipes, it's owned.
- If your windows PCs don't have autorun disabled (TweakUI can do it), it's owned
- If your organisation allows people to bring in USB memory sticks, they are ownable.
- Even if you try to isolate the factory from the dev systems, if you deploy code by copying it across on memory sticks, the worm can get into your factory servers that way
Symantec have stuck up a blog posting and a lovely document on the worm. It helps if you remember your windows programming skills. All the attacks on windows, though, are means to an end. If the Siemens dev platform ran on, say, Linux, there'd be attacks on it too. We've got into a state where all desktop operating systems and their apps need to be updated every few weeks, yet in industrial systems you don't want to do that. That's a problem.
What else can be done? Well, you can turn off USB storage on laptops and PCs. I have a friend who works for some company where that's the default rule: no USB, no wifi, LAN only works on authenticated networks. Inconvenient, but more secure. I can see that kind of setup being more common.
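The two host-side fixes the post mentions, disabling autorun and turning off USB storage, are both registry settings on Windows, so here is an added example script (not from the original post, and not Symantec's or Siemens' code) that audits both and optionally applies them. The registry paths and values are the standard Windows locations: `NoDriveTypeAutoRun` under the Explorer policy key (0xFF disables autorun for every drive type) and the `Start` value of the `USBSTOR` service (4 = disabled). The `-Harden` switch and the function names are this example's own. Run it from an elevated PowerShell prompt.

```powershell
# Added example: audit and optionally disable AutoRun and the USB mass-storage
# driver on a Windows host. Run as Administrator. Not part of the original post.
param([switch]$Harden)

# Standard Windows registry locations for the two settings.
$autorunKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$usbstorKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\USBSTOR'

function Get-AutoRunState {
    $v = Get-ItemProperty -Path $autorunKey -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
    if ($null -eq $v) { return 'AutoRun: enabled (policy value not set)' }
    # Each bit in the mask disables autorun for one drive type; 0xFF covers all of them.
    if ($v.NoDriveTypeAutoRun -eq 0xFF) { return 'AutoRun: disabled for all drive types' }
    return ('AutoRun: partially disabled (mask 0x{0:X2})' -f $v.NoDriveTypeAutoRun)
}

function Get-UsbStorageState {
    $v = Get-ItemProperty -Path $usbstorKey -Name Start -ErrorAction SilentlyContinue
    if ($null -eq $v) { return 'USBSTOR: service key missing' }
    # Start = 3 is demand-start (driver loads when a stick is plugged in); 4 is disabled.
    if ($v.Start -eq 4) { return 'USBSTOR: USB mass storage disabled' }
    return 'USBSTOR: USB mass storage enabled (Start={0})' -f $v.Start
}

function Disable-AutoRunAndUsbStorage {
    # The policy key may not exist on a machine that has never had the setting applied.
    if (-not (Test-Path $autorunKey)) { New-Item -Path $autorunKey -Force | Out-Null }
    Set-ItemProperty -Path $autorunKey -Name NoDriveTypeAutoRun -Value 0xFF -Type DWord
    Set-ItemProperty -Path $usbstorKey -Name Start -Value 4 -Type DWord
}

Write-Output "Before: $(Get-AutoRunState); $(Get-UsbStorageState)"
if ($Harden) {
    Disable-AutoRunAndUsbStorage
    Write-Output "After:  $(Get-AutoRunState); $(Get-UsbStorageState)"
}
```

Without `-Harden` the script only reports, which is the form you would push out first to see how many factory PCs are actually exposed. The AutoRun change takes effect for new Explorer sessions; the USBSTOR change stops the driver loading for sticks plugged in afterwards, and the two are complementary rather than interchangeable: disabling AutoRun removes one way a stick gets code run, disabling the storage driver removes the stick as a file source altogether, which is what the "no USB" rule the post describes amounts to.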