Cyber-attack causes ‘massive’ damage to German steel plant
Published:  26 January, 2015

Evidence is emerging of a cyber-attack targeting the control systems at a German steelworks that resulted in “massive” damage to a blast furnace. It could be the first publicly confirmed example of targeted damage to an industrial installation since the Stuxnet malware damaged almost 3,000 centrifuges in Iran in 2010.

News of the new attack has been revealed in an annual report produced by the German federal office for information security, known as BSI (Bundesamt für Sicherheit in der Informationstechnik). The organisation’s 2014 report describes the attack on the steelworks, but does not identify the company affected or reveal when the attack occurred.

According to the report, the plant was targeted using a sophisticated “spear phishing” attack and “ingenious” social engineering to access the facility’s office network. From there, the attack worked its way through to the production network, where it caused “massive damage” by preventing a furnace from being shut down in the normal way.

The BSI report describes the technical skills of the attackers as “very advanced”. They had “advanced know-how not only of conventional IT security, but also detailed technical knowledge of the industrial control systems and production processes used in the plant”. A variety of different internal systems and industrial components were compromised.

The attack on the steel plant is revealed in the BSI's annual report for 2014

Commenting on the BSI report, the cyber-security analyst Robert Lee points out that if the German attack involved malware that was targeted specifically at industrial control systems, this would be only the fourth time that this is known to have happened (the previous three being Stuxnet, Havex and BlackEnergy).