22 December 2014
Last updated at 13:01
The hack attack led to failures in plant equipment and forced the fast shutdown of a furnace.
A blast furnace at a German steel mill suffered “massive damage” following a cyber attack on the plant’s network, says a report.
Details of the incident emerged in the annual report of the German Federal Office for Information Security (BSI).
It said attackers used booby-trapped emails to steal logins that gave them access to the mill’s control systems.
This led to parts of the plant failing and meant a blast furnace could not be shut down as normal.
The unscheduled shutdown of the furnace caused the damage, said the report.
In its report, BSI said the attackers were very skilled and used both targeted emails and social engineering techniques to infiltrate the plant. In particular, said BSI, the attackers used a “spear phishing” campaign aimed at particular individuals in the company to trick people into opening messages that sought and grabbed login names and passwords.
The phishing helped the hackers extract information they used to gain access to the plant’s office network and then its production systems.
Once inside the steel mill’s network, the “technical capabilities” of the attackers were evident, said the BSI report, as they showed familiarity with both conventional IT security systems and the specialised software used to oversee and administer the plant.
BSI did not name the company operating the plant or say when the attack took place. In addition, it said it did not know who was behind the attack or what motivated it.
The attack is one of only a few on industrial systems known to have caused damage. The most widely known example of such an attack involved the Stuxnet worm, which damaged centrifuges being used by Iran in its nuclear enrichment programme.
Benjamin Sonntag, a software developer and digital rights activist, told Reuters: “We do not expect a nuclear power plant or steel plant to be connected to the internet.
“To be computerised, but to be connected to the internet and to be hackable – that is quite unexpected,” he said.