Wednesday, December 22, 2010


Jason Holcomb of Digital Bond tuned me into this little snippet of brilliant insight from Ralph Langner, which ties directly into my earlier post:

(Quoting myself) So if you as an asset owner are bewildered by the ease with which Stuxnet propagated, and bemoaning the fact that there is little in most systems that would have stopped it, well you need look no further for culprits than yourselves collectively, as you as a community have simply not demanded it in the products you buy.

Because of the fundamental lack of security in control systems, we instead rely on bolt-on hardening and perimeter control. In the face of the metrics coming out about the number of systems infected by Stuxnet, it is obvious that this approach has failed.

Ralph's Brilliant Insight:

As an asset owner, you should presently live under the assumption that you continue to operate because the forces behind Stuxnet allow you to do so.

No truer nor more insightful statement has been made about Stuxnet to date. The biggest takeaway needs to be, and again I am repeating myself: this could have been a rock instead of a scalpel. The authors went to extreme measures to minimize collateral damage.

I hate to spread FUD, but in light of the demonstrable impact and potential of Stuxnet, what would have occurred if this had been merely an instrument of blunt trauma, bricking every flavor of every field device that it could have?