Security of Critical Infrastructure
Author: Shah Sheikh, CTO / CISO – Cybersecurity Advisory and Architecture
The connectedness of Critical Infrastructure
The complexity of critical infrastructure and its interdependencies has grown, pushing security concerns to the forefront of almost any conversation. If a country's power grid goes down, all communications stop, hospitals shut down, air traffic ceases to operate, and businesses and banks go offline. For this reason, the stability and security of critical infrastructure is the most important factor in maintaining operability.
As one might expect, the connectedness of these systems is made possible by complex networks of connected devices that allow cross-system communication between infrastructures that were previously isolated from one another. This new era of connected systems has brought new potential vulnerabilities and an increase in cyber-attacks that carry massive consequences if successful.
Besides the power grid, telecommunications, public transport, and oil and gas pipelines, it is important to mention that solar energy infrastructure and Industrial Control Systems are becoming an integral part of the most critical infrastructure.
The Security of Solar Energy
The Security of ICS Systems
Industrial Control Systems (ICS) is an umbrella term for the many control systems and instrumentation used to control and operate industrial systems. Devices, networks, and systems that fall under ICS are also a common target of more sophisticated hacker groups, which often try to exploit these systems and wreak havoc across the spectrum.
Protecting ICS from threats and cyber-attacks has become the main topic whenever the protection of critical infrastructure is discussed, and rightly so.
Critical Infrastructure and the Cloud
Cyber Threats and Attack - Exposure to Critical Infrastructure
Attacks on Industrial Control Systems
Attacks on ICS resemble attacks on IT systems in terms of attack method. Several instances of malware, ransomware, improper use of assets, and vulnerability-related attacks have been detected in several ICS environments.
A cyber-attack on a Saudi petrochemical plant in 2017 targeted the safety instrumented system in order to gain control of the plant’s toxic gas release. The root cause analysis determined that a spear-phishing attack was responsible for the initial infiltration into the system.
Another cyber-attack, on Israel’s ICS, targeted water pumping stations and attempted to exploit the components responsible for releasing chlorine and other chemicals in order to contaminate the water supply. The attack exploited outdated legacy systems with weak password management practices but luckily failed to accomplish its goal.
Attacks on power grids were also observed in Ukraine, where a power facility fell victim to a malware attack that left a large part of an area's population without electricity. The attack was carried out in 2016 by a state-sponsored hacker group that used a wide range of techniques, from malware to spear-phishing and remote access exploits. The attack was successful and exploited poor network segmentation practices and irregular firmware updates for critical equipment and controllers.
The most recent attack on critical infrastructure occurred in the US and targeted an oil pipeline with ransomware. The pipeline was responsible for supplying the entire East Coast of the US with natural gas and fuel. The attack left more than 11,000 gas stations out of service and resulted in a sharp rise in gas and oil prices at the national level. The company ended up paying the ransom, and around 100 GB of data was stolen. It is suspected that the attack exploited a vulnerability left unpatched.
Threats to critical infrastructure systems have evolved with the increase in connectedness and digitalization, bringing in a new era of attacks. The consequences of a successful cyber-attack on critical infrastructure involve not only financial loss but also potential loss of human life and safety. With the introduction of the cloud, additional attack vectors have proliferated, and the security of critical infrastructure depends on proper implementation, maintenance, and security controls.
Recommendation for Critical Infrastructure Asset Owners
Sign up for bulletins and alerts from US ICS-CERT – a great portal and source of information on the latest vulnerabilities and threats related to ICS / OT and critical infrastructure.
https://www.cisa.gov/uscert/ncas/alerts
https://www.cisa.gov/uscert/ncas/bulletins