In an announcement last week, the two companies said they are targeting Advanced Persistent Threats aimed at the manufacturing and process industry.

 

In a press release, Stuart McClure, the senior vice president and general manager of Risk and Compliance at McAfee, said, “McAfee is pleased to partner with Siemens-Division Industry Automation to extend its industry-leading whitelisting solution to help secure the world’s critical infrastructures.”

Siemens manufactured the industrial control system that controlled the centrifuges at Iran’s nuclear factories as well as control systems that have been implemented across the world.

 

This new security product could help ease security fears for critical infrastructure operators who rely on industrial control programs for nearly every automated process including transportation systems, electrical grids, and even nuclear power plants.

“McAfee Application Control maintains the integrity of endpoints and servers, giving enterprises the foundational layer of security that is needed to prevent disruptive software, advanced persistent threats and zero-day malware attacks,” McClure said.

The Stuxnet worm has proven that hackers can target specialized software called supervisory control and data acquisition systems (SCADA) that control core processes.

Eric Knapp, the director of critical infrastructure markets at NitroSecurity, explained that these systems “are specialized protocols used by the big industry giants,” and they “are very insecure.”

According to David Hatchell, the manager of energy and utilities at McAfee, the company’s Application Control system product would have protected Iran’s centrifuges from the Stuxnet virus that caused them to spin out of control.

Hatchell explained that McAfee’s product “would have protected against propagation of the malware onto the [Iranian nuclear plant’s] process control system network by not allowing the code to execute. This would have meant protection against the zero-day exploits contained in this malware and the subsequent spread to the PLC [programmable logic controller] devices operating the plant.”

The McAfee Application Control system relies on a dynamic trust model that automatically updates itself against new threats eliminating the need to manually add new threats from approved lists.

Tino Hildebrand, the head of Marketing and Promotion Simatic HMI at the Siemens-Division Industry Automation, added that “a solid security solution touches three domains: people, process and technology” and the “McAfee Application Control for Siemens-Division Industry Automation is a significant step towards increased security at the product layer.”

He continued, “At the start of a project you have to design security into the solution, you have to raise awareness of all people responsible for the project and later operating the site. In addition, you have to take care of standard operation procedures to cover all relevant aspects. The security architecture has to be built with several layers of defense. McAfee Application Control for Siemens-Division Industry Automation is the cornerstone of this security concept,”

Industrial control processes are difficult to manipulate as they are isolated and not connected to the internet, but Stuxnet demonstrated that a determined saboteur could still breach these safety measures.

In the case of Iran’s secure Bushehr nuclear facility, hackers were able to introduce the Stuxnet virus by using portable USB thumb drives. Once inside the virus specifically targeted the software controlling centrifuges and altered their code to force the machines to spin out of control and cause physical damage.

The McAfee Application Control for Siemens Division Industry Automation is now currently available to McAfee customers and its partners.