| Recurring |
multiple_organization |
(a) The software failure incident related to the attack on the unnamed steel mill in Germany is a unique case and does not mention any previous incidents within the same organization.
(b) The article mentions that this incident at the steel mill in Germany is only the second confirmed case in which a wholly digital attack caused physical destruction of equipment. The first case referenced is the Stuxnet attack against control systems in Iran. This suggests that similar incidents have happened before at other organizations or facilities, such as the Stuxnet attack [32663]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident in the German steel mill can be attributed to design factors introduced during system development and operation. The attackers gained access to the steel mill's systems by infiltrating the corporate network through a spear-phishing attack, indicating a vulnerability in the system's design and security measures [32663]. Additionally, the attackers were able to compromise a "multitude" of systems, including industrial components on the production network, leading to failures in individual control components or entire systems, ultimately resulting in the inability to shut down a blast furnace in a regulated manner and causing massive damage to the system [32663].
(b) The software failure incident can also be linked to operational factors introduced during the operation of the system. The attackers successively worked their way into production networks after gaining access to the plant's business network, highlighting operational vulnerabilities that allowed them to navigate through the company's networks and compromise critical systems [32663]. The incident underscores the need for strict separation between business and production networks to prevent hackers from remotely accessing critical systems over the internet, indicating operational shortcomings in network configuration and security measures [32663]. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident at the unnamed steel mill in Germany was caused by hackers manipulating and disrupting control systems within the plant, leading to the blast furnace not being able to be properly shut down, resulting in massive damage [32663]. The attackers gained access to the steel mill through the plant's business network and then worked their way into production networks to access systems controlling plant equipment. Failures accumulated in individual control components or entire systems, ultimately leading to the inability to shut down the blast furnace in a regulated manner [32663].
(b) outside_system: The attackers infiltrated the corporate network of the steel mill using a spear-phishing attack, sending targeted emails to trick recipients into opening malicious attachments or visiting malicious websites where malware was downloaded to their computers [32663]. The attackers gained access to the plant's business network from outside and then moved into the production networks, indicating that the initial breach and access were from outside the system. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in the German steel mill was primarily due to non-human actions, specifically a cyber attack by hackers who manipulated and disrupted control systems to such a degree that a blast furnace could not be properly shut down, resulting in massive damage [32663].
(b) However, human actions also played a role in the incident as the attackers gained access to the steel mill through the plant's business network using a spear-phishing attack, tricking employees into opening malicious attachments or visiting malicious websites, which allowed the hackers to infiltrate the corporate network and eventually compromise industrial components on the production network [32663]. |
| Dimension (Hardware/Software) |
hardware, software |
(a) The software failure incident at the unnamed steel mill in Germany was primarily due to hardware-related factors. The hackers manipulated and disrupted control systems to such a degree that a blast furnace could not be properly shut down, resulting in "massive" damage [32663].
(b) The software failure incident also had contributing factors originating in software. The attackers gained access to the steel mill through the plant's business network and successively worked their way into production networks to access systems controlling plant equipment. They infiltrated the corporate network using a spear-phishing attack and compromised a "multitude" of systems, including industrial components on the production network, leading to failures in individual control components or entire systems [32663]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident in the German steel mill was malicious in nature. The hackers gained access to the plant's business network through a spear-phishing attack, then infiltrated production networks to access systems controlling plant equipment. They possessed advanced knowledge of industrial control systems and caused "massive damage" by manipulating and disrupting control systems, specifically preventing the blast furnace from being properly shut down [32663]. The attack resulted in physical destruction of equipment, indicating a deliberate intent to harm the system.
(b) There is no information in the articles suggesting that the software failure incident was non-malicious. |
| Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The intent of the software failure incident related to poor decisions:
The incident at the unnamed steel mill in Germany involved hackers manipulating and disrupting control systems to such a degree that a blast furnace could not be properly shut down, resulting in "massive" damage [32663]. The attackers gained access to the steel mill through the plant's business network and successively worked their way into production networks to access systems controlling plant equipment. The attackers infiltrated the corporate network using a spear-phishing attack, indicating a deliberate and planned effort to breach the systems [32663]. The attackers appeared to possess advanced knowledge of industrial control systems, extending to detailed knowledge of applied industrial controls and production processes, suggesting a targeted and well-informed attack [32663].
(b) The intent of the software failure incident related to accidental decisions:
There is no indication in the article that the software failure incident was due to accidental decisions. The incident appears to be a deliberate and targeted attack by hackers with advanced knowledge of industrial control systems [32663]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident in the German steel mill was not attributed to development incompetence. Instead, it was a result of hackers manipulating and disrupting control systems, showcasing their advanced knowledge of industrial control systems [32663].
(b) The software failure incident was accidental in the sense that the attackers may not have intended the physical destruction caused by their actions. It's unclear if the attackers intended to cause the damage or if it was collateral damage from their infiltration and manipulation of the control systems [32663]. |
| Duration |
temporary |
The software failure incident at the unnamed steel mill in Germany, where hackers disrupted control systems causing damage to a blast furnace, can be categorized as a temporary failure. The hackers were able to infiltrate the plant's networks and compromise multiple systems, leading to the inability to shut down the blast furnace in a regulated manner and resulting in massive damage to the system [32663]. The incident was not a permanent failure as it was caused by specific circumstances introduced by the hackers' actions rather than inherent flaws in the system itself. |
| Behaviour |
crash, omission, value |
(a) crash: The software failure incident in the German steel mill resulted in a crash scenario where the blast furnace could not be properly shut down, leading to "massive" damage [32663].
(b) omission: The attackers were able to infiltrate the plant's networks and compromise a "multitude" of systems, causing failures in individual control components or entire systems, ultimately resulting in the inability to shut down the blast furnace as intended [32663].
(c) timing: The incident did not specifically mention a timing-related failure, as the focus was more on the physical damage caused by the attack rather than the timing of system functions [32663].
(d) value: The software failure incident led to the system performing its intended functions incorrectly, as the attackers disrupted control systems to such a degree that the blast furnace could not be shut down in a regulated manner, causing massive damage to the system [32663].
(e) byzantine: The incident did not exhibit a byzantine behavior where the system behaves erroneously with inconsistent responses and interactions. The attack seemed to have a clear objective of causing physical damage to the equipment [32663].
(f) other: The software failure incident also highlighted the need for strict separation between business and production networks to prevent hackers from accessing critical systems. It emphasized the potential risks of hackers gaining access to industrial control systems and causing physical destruction [32663]. |