Industrial Control Systems (ICS) Under Attack
Did you read Booz Allen Hamilton’s newest Industrial Cybersecurity Threat Briefing [PDF] yet? If you are an IT security leader, you should. It’s the most thorough and comprehensive report on the state of ICS cybersecurity I’ve seen.
It made me realize how real these threats are, and how ill-prepared we are to deal with them.
Remember the “Stuxnet” attack that sent the centrifuges in Iran’s uranium enrichment plant into a self-destructive spin? In that attack, a USB stick was used to cross the security “air gap” of an unconnected computer, and drop malicious software on the (Windows-based) Siemens control units.
Now, attackers targeting critical infrastructure don’t even need to drop a USB stick in the parking lot. They can simply rely on employees opening a phishing email, or visiting a compromised website. That’s all it takes for a motivated outsider to wreak havoc, steal data or lock down critical ICS processes with ransomware.
On the rise: web-borne attacks against ICS systems in utilities, transportation and manufacturing
Fear-mongering? I would have thought so too. But then I read this new threat briefing, which draws on publicly available sources and Department of Homeland Security data. Its focus: incidents involving organizations that use and maintain ICS infrastructure.
Based on the findings in this report, I think it's fair to say that utilities and other ICS operators should learn a thing or two from leading financial institutions, federal agencies, law enforcement and other security-sensitive organizations.
What do I mean? Read my blog post on the state of ICS and manufacturing cybersecurity here, on the Authentic8 blog.
###
About the author: Scott Petry is Co-Founder and CEO of Authentic8. Prior to Authentic8, Scott was the founder of Postini.