The EU’s cyber security agency ENISA has provided a new manual for better mitigating attacks on Industrial Control Systems (ICS), supporting vital industrial processes primarily in the area of critical information infrastructure (such as the energy and chemical transportation industries) where sufficient knowledge is often lacking.
Stuxnet, the malware that rocked the security world and the first recorded cyber weapon, has an older and more complex “sibling” that was also aimed at disrupting the functioning of Iran's uranium enrichment facility at Natanz, but whose modus operandi was different.
Every large utility, pipeline, refinery and chemical plant has a cyber security program, but most are IT-centric.
Alert Logic examined the rise of cyber attacks targeting the energy sector—an industry thought to be particularly at risk due to the highly confidential and proprietary information they possess, as well as the prevalence of BYOD and contractor access.
Increasing numbers of recent security incidents against industrial control systems/SCADA raise questions about the ability of many organisations to respond to critical incidents, as well as about their analytical capabilities.