
It analyses the value and effectiveness of carefully integrated security solutions necessary to support the national security mission to secure industrial control system environments.
In addition, the big challenge for critical infrastructure and energy sector owners and operators, as identified by the report, is how to effectively secure their control systems within their governance and technical domains in an active and capable advanced persistent threat environment.
“When early critical infrastructure systems were created, neither security nor misuse of the interconnected network was considered,” said Philip A. Craig Jr, senior cyber security research scientist, a researcher within the National Security Directorate at the Pacific Northwest National Laboratory. “Today, we are still focused on enhancing the security of control systems. Outdated security methods that use a maze of disparate, multi-vendor, and stacked security tools will only delay a cyber attack, providing numerous opportunities for a more advanced and modern cyber adversary to attack cyber security postures throughout critical infrastructure.”
The report identified the following vulnerabilities to control systems environments:
Increased exposure: Communication networks linking smart grid devices and systems will create many more access points to these devices, resulting in an increased exposure to potential attacks.
Interconnectivity: Communication networks will be more interconnected, further exposing the system to possible failures and attacks.
Complexity: The electric system will become significantly more complex as more subsystems are linked together.
Common computing technologies: Smart grid systems will increasingly use common, commercially available computing technologies and will be subject to their weaknesses.
Increased automation: Communication networks will generate, gather, and use data in new and innovative ways as smart grid technologies will automate many functions. Improper use of this data presents new risks to national security and our economy.
The report also examines how emerging vulnerabilities of control systems continue to accelerate. Today’s cyber attack has evolved into a sophisticated and carefully designed digital weapon built for a specific purpose, such as the Stuxnet and Duqu viruses.
“Infrastructures that control systems affecting our everyday lives, such as smart grids, are rising in adoption yet still lack the proper security needed to prevent sophisticated cyber attacks,” said Dr. Phyllis Schneck, vice president and chief technology officer, global public sector, McAfee. “Achieving security by design is essential in securing critical infrastructure. Cybersecurity must be embedded into the systems and networks at the very beginning of the design process so that it becomes an integral part of the systems’ functioning.”
In addition to control systems, the report also examines the impact of new technologies on the energy sector. As information and communication technology advances and becomes integrated into power system operations and planning functions, smart grids are created, which yield greater visibility into the state of the system and advancements in control to enhance system efficiencies. Despite the significant benefits of its dynamic nature, the power grid was not designed with cyber security in mind.
The report cites the following solutions in an effort to prevent vulnerability and mitigate attacks on control systems:
Dynamic whitelisting – Provides the ability to deny unauthorised applications and code on servers, corporate desktops, and fixed-function devices.
Memory protection – Unauthorised execution is denied and vulnerabilities are blocked and reported.
File integrity monitoring – Any file change, addition, deletion, renaming, attribute change, ACL modification, or owner modification is reported. This includes network shares.
Write protection – Writing to hard disks is only authorised for the operating system, application configuration, and log files. All other writes are denied.
Read protection – Reads are only authorised for specified files, directories, volumes and scripts. All others are denied.
The complete report is available at the McAfee website.







