Abstract
Manufacturing, electricity networks, supply chains, food production and water treatment plants have long depended heavily on Industrial Automation and Control (IAC) systems. The integration of Information and Communication Technology (ICT) has played a significant role in the evolution of these systems. New and emerging trends and technologies, such as the Internet of Things (IoT), now interact with traditional, isolated IAC systems. Sectors such as manufacturing, electric grids, pharmaceuticals and water treatment incorporate some of these “smart” technologies in order to increase efficiency and performance and to reduce production costs. Despite its benefits, interconnectivity between smart and legacy IAC systems also creates complex interdependencies, which in turn make additional safety and security countermeasures imperative. This rapid evolution has also greatly affected the threat landscape. To comprehend this radical change, we present and analyze recent, well-documented attacks that target mission-critical IAC systems incorporating Industrial IoT technologies. In particular, we focus on high-profile, sophisticated attacks against interconnected automation and monitoring field devices and their related software platforms and systems (e.g., Programmable Logic Controllers (PLCs) and industrial robots) installed in industrial facilities and in smart grid generation, transmission and distribution networks and systems.
© 2019 Springer Nature Switzerland AG
Cite this chapter
Stellios, I., Kotzanikolaou, P., Psarakis, M. (2019). Advanced Persistent Threats and Zero-Day Exploits in Industrial Internet of Things. In: Alcaraz, C. (eds) Security and Privacy Trends in the Industrial Internet of Things. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-12330-7_3
DOI: https://doi.org/10.1007/978-3-030-12330-7_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12329-1
Online ISBN: 978-3-030-12330-7