Energy and water are two of the most central critical infrastructures (CIs). Both sectors have undergone necessary changes to reflect the latest in technology and improve how natural resources are harnessed and distributed. Earlier this week, researchers from Trend Micro published a report on the ways that Human Interface Systems (HMI), which are found in thousands of utilities worldwide, can be exploited. The report further highlights the variety of challenges industrial control system organisations are facing today.
Andrea Carcano, CPO and Co-founder at Nozomi Networks:
“The challenges of protecting ICS are real. Attacks targeting critical infrastructure – from transportation systems to power, water, energy and beyond – are on the rise and there are legitimate concerns from asset operators that tackling security will impact uptime of critical systems.
“Human Interface Systems (HMI), in particular, represent a key risk for ICS security as they help human operators interact with control or SCADA systems and as a result can give cybercriminals access to the network. For example, an attack could be the result of an operator at the water utility opening a browser and clicking on an advertising link causing the malware to download to a HMI device (running Windows XP). Attackers continue to successfully exploit the human element of the chain to gain a foothold in networks, able to then navigate to the deep and secret areas of the infrastructure.
“In light of those events CNI organisations should give a high priority to re-assessing their cyber security programs, evaluate where they are in relation to government recommendations, and inform themselves about current technologies available for protection.By applying artificial intelligence and machine learning for real-time detection and response, organisations can identify operational changes that may indicate the presence of malware or other issues within industrial control systems, which are the heart of power reliability. Such real-time monitoring means utilities can rapidly discover and act to remove malicious code and the risks they pose to these environments before harm is done.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.