Operators of critical infrastructure and manufacturing in the US have received a warning from The FBI and Homeland Security Department about cyber criminals targeting them. The cyber-attacks have been limited to administrative and business networks, but are ongoing. IT security experts commented below.
“Targeting engineers with phishing messages is pretty straight-forward and, if successful, could be extremely damaging. In tandem, while air-gapping offered a degree of protection, the way our nuclear plants, and any infrastructure for that matter, is maintained today means this practice is defunct. We often see engineers ‘plugging’ in their own devices to perform diagnostic checks. Should that person’s device have been compromised, this action could unleash malware directly into the heart of each component being checked, which then crawls and burrows deeper into the infrastructure. Plant managers need to be able to identify and close down anomalous behavior before damage is done. Advanced monitoring and anomaly detection solutions provide actionable intelligence that enable them to identify intrusions and take immediate steps to ensure uptime and resilience of their critical operational technology (OT) environments.”
“With most industrial control systems now connected to the internet, they are vulnerable to targeted cyber attacks and cyber espionage campaigns. However, because the systems were not designed with security in mind, they are largely unequipped to deal with these attacks. For any business that has an industrial control system footprint, whether in manufacturing, transportation or energy, now is the time to evaluate how the environment is being secured. Failure to do so could result in a devastating attack which causes serious damage or even endangers public safety.
The first step is to review one of the available ICS Cyber Security Frameworks i.e. “NIST Guide to Industrial Control Systems (ICS) Security” or “CPNI – Security for Industrial Control Systems Framework”. This will assist organisations to better understand the challenges, requirements and responsibilities with regards to Governance, Business Risk, Managing ICS Life Cycle, Education and Skills, Security Improvements, Vulnerability Management, Third Party Risk, and Response Capability.”
“Cybercriminals and terrorist organizations clearly identify power and energy facilities as high value targets due to the potentially massive disruption that would come from their compromise. Based on this, power and energy organizations must be diligent and lead the world in deployed security systems. Many industrial control systems (ICS) are now connected to IP networks, making them more vulnerable to attack than in the past when they were deployed on proprietary, separate systems and networks. Due to the complexity and massive threat surface of modern networks, software, and systems, complete prevention is simply not possible. In addition to security tools aimed at prevention, these organizations must have incident response processes in place which leverage network traffic analytics (NTA) to monitor every network connection and look for anomalous device behavior. NTA provides the contextual forensic data needed to identify root cause, mitigate the problem and return to normal. Investigations that once took days, weeks or longer can now occur in just minutes.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.