T0879 Damage to Property
Adversaries may cause damage and destruction of property to infrastructure, equipment, and the surrounding environment when attacking control systems. This technique may result in device and operational equipment breakdown, or represent tangential damage from other techniques used in an attack. Depending on the severity of physical damage and disruption caused to control processes and systems, this technique may result in Loss of Safety. Operations that result in Loss of Control may also cause damage to property, which may be directly or indirectly motivated by an adversary seeking to cause impact in the form of Loss of Productivity and Revenue.
The German Federal Office for Information Security (BSI) reported a targeted attack on a steel mill under an incidents affecting business section of its 2014 IT Security Report. 2 These targeted attacks affected industrial operations and resulted in breakdowns of control system components and even entire installations. As a result of these breakdowns, massive impact and damage resulted from the uncontrolled shutdown of a blast furnace.
A Polish student used a remote controller device to interface with the Lodz city tram system in Poland. 3 4 1 Using this remote, the student was able to capture and replay legitimate tram signals. This resulted in damage to impacted trams, people, and the surrounding property. Reportedly, four trams were derailed and were forced to make emergency stops. 4 Commands issued by the student may have also resulted in tram collisions, causing harm to those on board and the environment outside. 1
Item | Value |
---|---|
ID | T0879 |
Sub-techniques | |
Tactics | TA0105 |
Platforms | None |
Version | 1.1 |
Created | 21 May 2020 |
Last Modified | 30 March 2023 |
Procedure Examples
ID | Name | Description |
---|---|---|
C0020 | Maroochy Water Breach | In the Maroochy Water Breach, the adversary gained remote computer access to the control system and altered data so that whatever function should have occurred at affected pumping stations did not occur or occurred in a different way. This ultimately led to 800,000 liters of raw sewage being spilled out into the community. The raw sewage affected local parks, rivers, and even a local hotel. This resulted in harm to marine life and produced a sickening stench from the community’s affected rivers.7 |
Mitigations
ID | Mitigation | Description |
---|---|---|
M0805 | Mechanical Protection Layers | Protection devices should have minimal digital components to prevent exposure to related adversarial techniques. Examples include interlocks, rupture disks, release valves, etc. 6 |
M0807 | Network Allowlists | Use host-based allowlists to prevent devices from accepting connections from unauthorized systems. For example, allowlists can be used to ensure devices can only connect with master stations or known management/engineering workstations. 5 |
M0812 | Safety Instrumented Systems | Ensure that all SIS are segmented from operational networks to prevent them from being targeted by additional adversarial behavior. |
References
-
Bruce Schneier 2008, January 17 Hacking Polish Trams Retrieved. 2019/10/17 ↩↩
-
Bundesamt fr Sicherheit in der Informationstechnik (BSI) (German Federal Office for Information Security) 2014 Die Lage der IT-Sicherheit in Deutschland 2014 (The State of IT Security in Germany) Retrieved. 2019/10/30 ↩
-
John Bill 2017, May 12 Hacked Cyber Security Railways Retrieved. 2019/10/17 ↩
-
Shelley Smith 2008, February 12 Teen Hacker in Poland Plays Trains and Derails City Tram System Retrieved. 2019/10/17 ↩↩
-
Department of Homeland Security 2016, September Retrieved. 2020/09/25 ↩
-
A G Foord, W G Gulland, C R Howard, T Kellacher, W H Smith 2004 APPLYING THE LATEST STANDARD FOR FUNCTIONAL SAFETY IEC 61511 Retrieved. 2020/09/17 ↩
-
Marshall Abrams 2008, July 23 Malicious Control System Cyber Security Attack Case Study Maroochy Water Services, Australia Retrieved. 2018/03/27 ↩