Stuxnet: protection in advance would have been possible

"These types of catastrophe scenarios, particularly when it comes to sensitive industrial facilities, have long been under discussion and IT security experts have often developed theories that play out these scenarios. Which is why we are not surprised by the attack but by the ensuing commotion," explained Dr. Rainer Baumgart, CEO of secunet Security Networks AG.

The existence of Stuxnet has been known for months: the virus became prominent after its attack on the Iranian nuclear plant Bushehr was made public. In Germany, several Siemens customers have discovered it in their facilities. The virus poses a huge threat because it capitalizes on several security vulnerabilities in the operating system that were previously unknown. Conventional security software often fails as a result.

Companies need to deploy a security solution that protects them against all risks from the very outset regardless of their mechanism. This is usually achieved by rigorously partitioning sensitive applications and confidential data. If they do not have contact with other systems, they can also not be attacked from the outside.
"Conversely, these types of solutions isolate threatened networks or networks that have already been infected from other control areas to prevent the malware that has made it into the system from reaching other security-critical systems," added Dr. Rainer Baumgart. "Because these solutions have already been available for many years, the risk posed by Stuxnet could have been prevented if the company had adequately invested in security at the right time."

As early as 2000, secunet developed a concrete solution for attacks of this quality working closely with the German Federal Office for Information Security (BSI). The SINA technology (Secure Inter-Network Architecture) makes it possible, for example, to operate virtualized Windows and Linux guest systems with different classifications at the same time and are strictly separate from one another. This technology avoids the intrusion of a virus or isolates viruses that have made it into the operating system and prevents them from spreading. This guarantees strict system security, even against threats that are today unknown, without significantly restricting the user's ability to work.


Back