Cyberattack Physically Damages Iron Plant in Germany

A German government agency says a computer intrusion destroyed parts of control systems at a steelworks facility.

In German-language a report released on Dec. 17, the agency says attackers gained access to an unnamed plant’s office network by sending a customized email that was laced with malware. Via the office system, the hackers were able to cross over into the production network.

A breach of the industrial control systems of the plant “resulted in an incident where a furnace could not be shut down in the regular way and the furnace was in an undefined condition which resulted in massive damage to the whole system,” according to the report, called the IT Security Situation in Germany in 2014.

The annual report is compiled by an agency tasked with managing computer and communication security for the German government, including critical infrastructure.

Robert M. Lee, cofounder of ICS security firm Dragos Security and an active-duty U.S. Air Force cyberspace operations officer, writes in a blog post, “There was an accumulation of breakdowns of individual components of the control system or of entire facilities.”

The frequency of failures in the components and the overall system resulted in the blast furnace not being regulated properly.

The technical skills of the hackers appear very advanced, Lee writes. They had sophisticated know-how of not only conventional cybersecurity, but also detailed technical knowledge of the plant’s specific industrial control systems and production processes.

“This is only the second time a reliable source has publicly confirmed physical damage to control systems as the result of a cyber-attack,” Lee writes. “The first instance, the malware Stuxnet, caused damage to nearly 3,000 centrifuges in the Natanz facility in Iran.”