Cyber attack on steel mill causes physical damage

It is reported that the attackers used targeted spear-phishing emails to trick recipients into opening messages that sought and grabbed login details and passwords. Access was gained to the control system via the plant's business network, from where the attackers successively worked their way through the production network. The attackers were familiar not just with conventional IT security systems, but also the specialised industrial controls and production processes.

The attack led to parts of the plant failing and meant a blast furnace could not be shut down as normal. The unscheduled shutdown of the furnace caused the damage.

The date of the attack and the company operating the plant are not detailed in the BSI report.