Every Little Internet Infrastructure is Attacked

TUV said: EVERY LITTLE INTERNET INFRASTRUCTURE IS ATTACKED and many dangers threaten are daily done, it is common knowledge today. But because more and more machines, production facilities and all attachments over the Internet network are, keyword industry 4.0, will assess the risk of hacker attacks as possible real industry. Now shows an experiment: the risk situation is a huge threat greater than previously feared – and also for small companies.

Nobody is too small or too insignificant, even a mini – hydroelectric power plant on the country not to become a target of attacks from the Internet. This shows an eight experiment of TÜV Süd. Its professionals have created a so-called HoneyNet which was visible in the Internet as a small insignificant waterworks in a German town. “A Honeynet is a system that should attract attackers and allow the analysis of access and attack actions,” says Dr. Armin Pfoh, Vice President of strategy & innovation at TÜV Süd.

Every Little Internet Infrastructure is Attacked
60,000 attacker from 150 countries wanted to turn off the faucet of a small hydroelectric power station on the Internet period of eight months. It was just not possible them because they have gone the TÜV on the glue or the honey. The security company had set up a high interaction Honeynet, to find out how infrastructure in the network are perceived. Result: Even small relatively minor be struck quickly by hackers.

Honeynet together with the utility industry guard

So the Honeynet convincingly acted as real water works in the Internet, the TÜV experts together with representatives of the utility industry developed the practical design of the system and the safety precautions and implemented. Because only if the system really works, it is interesting as a target for attackers. “To this end we have set up a so-called high interaction Honeynet, which combined real hardware and software with a simulated environment”, explains.

60,000 requests from 150 countries

The balance: more than 60,000 hits on their virtual infrastructure from over 150 countries experienced IT professionals. The first access was on the honey net almost simultaneously with the “arming” of the virtual plant and the enemy never rests.

“So we could prove that even a relatively minor infrastructure network is perceived and researched out”, says Dr. Thomas Störtkuhl, senior security expert and team leader industrial IT security at TÜV.

China and United States attack the most according to IP addresses

Led the list of attackers countries of China with 2995 followed attacks in the eight months, by the United States with 2318 attacks. Three stands with 934 attacks South Korea ranked. 366 times attacked the virtual water from their own country.

Honeynet Trap
The graph shows the logical structure of the Honeynet which the TÜV  for eight months as virtual hydropower plant has provided a German town in the Internet.

However, it is clear that the national IP addresses allow not load enabled statement about the actual location of the attacker. Also, the traffic in part through covert IP addresses were carried out.

Also industrial protocols are affected

Visits are not limited to the standard protocols of Office IT, but came through industry protocols such as Modbus TCP, or S7Comm. “The requests about industrial logs were significantly less common, but also came from all over the world”, warns Störtkuhl. This means that gaps in the security architecture of control systems are discovered and the systems are thus vulnerable to any attack.

No one is spared from attacks

“Even small or unknown companies are discovered or seen because constantly from San Diego’s actions in the Internet”, warns Störtkuhl. Because these companies can become victims of a wave of attack, even though they were not explicitly selected. “If companies once ended up with San Diego from actions on the monitor from potential attackers”, says security expert, “Also a targeted attack at a later time is easier.”

Warning shot to the industry 4.0

Thus, the experiment is a clear warning shot to the industry 4.0, where everything on the Internet is connected. The companies are invited to rethink their security arrangements. Because the increasing digitization and networking is the infrastructure and production facilities and creating new gateways for possible abuse. The range of espionage to the sabotage.