What is a zero-day cyber attack?

The name sounds sinister because it’s a hacker’s dream, a secret vulnerability that has no specific defense.

04/11/2014


One of the terms you will hear with regularity if you follow cyber security issues is a zero-day attack or a zero-day vulnerability. The name sounds scary and it should. It designates a vulnerability in a network or product that a hacker has found and can exploit, but that nobody responsible for defending the system knows about.

If Microsoft learns of a vulnerability related to Windows, the company will begin finding ways that the program code can be changed or patched to eliminate the problem. In the meantime, it may publicize the vulnerability so users can determine if they are at risk and set up other defenses until the problem is patched. Until the problem is recognized and users are informed, hackers can make use of the vulnerability. The term "zero-day" means that the defenders have had zero days to develop a solution.

Here's a nontechnical example: Let's say many of the electrical cabinets and strategic pieces of equipment in your plant are secured with combination padlocks from Whizzo Lock Company. That company has a good reputation, or at least that's what you believe, so you trust that those locks are effective protection.

But let's say some clever individual with criminal leanings begins to study those locks, going so far as to buy the same model and dissect it. For the sake of the illustration, he discovers to his amazement that all those locks have a built-in master combination in addition to the normal combination. Whizzo designed them so that company service people can open any lock by using this secret combination. Users aren't aware of this capability and therefore do not try to defend against it, as the company only lets a very select group of people know about it. This is analogous to a PLC with a hard-coded user name and password that have been built into the device but not included in the documentation, effectively a special "back door" for servicing.

Or, as a second possibility, let's say the criminal analyst looks at a group of locks and discovers that the serial number actually gives the combination if you know how to decode it. So if someone trying to break it can get to the lock and read the number, he can put it in a calculator and multiply it by the secret factor and get the combination. Again, this is something that the company doesn't tell the general public for obvious reasons. This is analogous to a server with a hard-coded password that can be derived from the MAC address.

As a third possibility, maybe there is a mechanical weakness that he discovers. After looking at the insides, he finds that the lock can be pried open with a crowbar without too much trouble when the dial is set at 39. This was not intentional; it's just a small design flaw that the manufacturer didn't realize. This is analogous to a programming flaw or hardware peculiarity that allows a hacker to break in or otherwise cause mischief.

There are other attack vectors that aren't strictly zero-day but can get the job done. As a fourth possibility, perhaps the user company buys the locks with all the combinations the same so workers don't have to remember more than one. The criminal watches eBay and buys a piece of equipment sold by the company as surplus with the lock still in place and gets the combination that way. This is analogous to facilities selling used PLCs or other equipment with programming, data, and passwords still intact. This is a very common practice, unfortunately.

All of these represent specific weaknesses that have been found in various types of industrial networking hardware and devices, or user practices. If the criminal is aware of them but the users are not, that is effectively a zero-day situation.

This brings up a larger issue related to security that we have discussed in other contexts. As Matt Luallen discussed in July's cover story on problems related to mobile computing, all defensive measures require some measure of trust. If that trust fails, that defensive measure does not give the protection it is supposed to give. If enough of the defensive measures fail, the bad guy gets the run of the network. When the measure fails because of a zero-day vulnerability, you won't know how he got through your defenses. You can take some comfort in the fact that once those problems are identified after somebody else gets hacked, users can take appropriate measures, or at least they should, before they suffer the same fate. Unfortunately, vulnerabilities that are uncovered but not fixed continue to provide attack vectors.

Peter Welander is a content manager for Control Engineering. Reach him at pwelander@cfemedia.com 

This article originally appeared in the August 2012 Control Engineering issue.




Anonymous, 04/21/14 05:38 PM:

Nice information, congratulations