DragonFly Group attacks energy companies in the US in hacking campaign against power and utilities…
How to Secure Your Industrial Control System Against Cyber Attacks
Today’s threat landscape is increasing at an alarming pace, and more and more organizations feel the need to protect themselves against cyber attacks and data breaches, such as phishing, DDoS attacks, Mirai, Ransomware and other types of malware. According to Verizon’s Data Breach Investigations Report 2016, “no locale, industry or organization is bulletproof when it comes to the compromise of data”.
ICS Cybersecurity Challenges
This is especially true for Industrial Control Systems (ICS), a domain that is falsely perceived as being shielded from cyber attacks. A publication on SecurityWeek has revealed that the majority of organizations still do not have the necessary security tools and processes in place to properly protect their industrial networks against malware. Meanwhile, the news is flooded with stories about malware such as Irongate and Stuxnet, developed specifically to attack and disrupt large-scale ICS and supervisory control and data acquisition (SCADA) environments in industrial facilities like power plants, waste processing systems, dams, and similar operations.
According to a 2016 research conducted by Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team, the exponentially increasing use of IT in industrial and manufacturing environments results in a variety of cybersecurity challenges for industrial control systems. For example, many control systems “may have very weak password policies and security policies that could let intruders take control of pumps, valves and other key components of the industrial control system” (Advanced Manufacturing Media, 2017). Also, ICS hardware and software have long been developed without any regard for information security requirements whatsoever, which leaves ICS vulnerable and poorly protected against cyber attacks (Kaspersky, 2017).
Unfortunately, too many organizations still don’t malware seriously enough and believe it is purely an IT problem that won’t affect other business functions in a serious way. ICS security experts agree that it is only a matter of time before industrial control systems will be compromised by cyber attacks, and advocate for increased security measures to strengthen their defenses.
“There is no more important work in the field of cyber right now than driving a rapid, exponential advancement in the security posture of industrial control networks. The threat is at our doorstep – this is the challenge of our industry for the next decade.” (Security Week, 2017)
How to Secure ICS?
Access our free webinar “How Your Adversaries Conduct ICS Attacks” and find out more about how organizations like yours can protect your environment, anticipate attacks, and secure vulnerabilities in your control systems.