On 14th December, the web journal hacker news reported that a new malware targeting ICS, more specifically Schneider Electric Triconex Safety Instrumental System (SIS), have been discovered by security researchers. The malware, designed as TRITON malware, targeted non-directly to the operational system but the safety systems in charge of monitor the performance of the critical infrastructure and enable immediate actions in case of dangerous states detection. If we summarise the news: TRITON is able to impact “safety” system of critical infrastructure. We can well imagine which could be the impact of such malware if they impact the safety system of nuclear power station, of a hydroelectric dam or or main high-pression gas storage/distribution system.
According to the researchers, the malware, as soon as is installed, would have the ability to read/write programs, read/write function and query the state of the SIS controller. The attacker could both spoof the monitoring system and take control of the emergency procedure implemented to strengthen the safety of the overall systems. (more information here)
This news should stress two fundamental requirements for the ATENA project:
- Monitoring systems, and ATENA tools could be considered as such, can introduce new vulnerabilities in particular if these systems have some reactive functionalities.
- Vulnerabilities management system should encompass not only the operational level but all control layers, i.e. all components able to react with the operational level and also with the monitoring of the operational systems.
These two requirements have been already considered in the specifications of ATENA tools, on the one hand, by designing the ATENA (as much as possible) as a passive system and, on the other hand, by integrating a vulnerability management system as a key stone of the risk assessment system to warn operators not only on the risk of attacks but also on the potential loss of dependability of their systems (including the monitoring system).