Cyber attack at German Steel Mill damages equipment

March 19, 2021

INCIDENT

A German steel mill was targeted with malware that gave the attackers access to the business network and then to the SCADA/ICS network. The event was confirmed by the German government's Federal Office for Information Security (BSI) in an IT security report. Attackers that appeared to particularly target industrial plant personnel, caused plant control components to fail, resulting in an uncontrolled furnace, which eventually caused physical damage to the steel factory.

According to a study issued by the SANS Institute, the hackers used spear-phishing attempts to obtain access to the steel mill network. The email most likely contained an attached document that, when opened, activated the malicious malware onto the system. The malware then constructed a remote connection point to establish a bridge between the attackers and the targeted industrial network by exploiting vulnerabilities in a targeted operating system. The hackers were able to modify the programmable logic controllers (PLCs) at this stage, jeopardizing the furnace's operations, which further lead to its own physical damage.

Incident Date

December 22, 2014

Location

Germany

Estimated Cost

Physical damage to the plant, cost unknown

Type of Malware

No Malware identified

Threat Source

No threat source identified