Katherine_Bonfante
Katherine_Bonfante
Katherine_Bonfante
Katherine_Bonfante
Katherine_Bonfante

Industrial control system cyber attacks are on the rise

Jan. 19, 2016
Because more and more industrial control systems are exposed to the Internet, the risk of cyber attacks is greater than ever before
About the author
Katherine Bonfante is senior digital editor for Control and ControlDesign. You can email her at [email protected].Our very own cybersecurity expert Joe Weiss has been reporting on the vulnerability of control systems and online hackers for years, and now U.S. government officials report that in the past year there has been an increase of cyber attacks on industrial control systems.

See Control Systems Cybersecurity Expert Joe Weiss' Unfettered Blog

Marty Edwards runs the Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) and said the reason control system cyber attacks are on the rise is because they are exposed to the Internet.

"I am very dismayed at the accessibility of some of these networks," said Edwards during the S4 ICS Security Conference held in Miami last week. "They are just hanging right off the tubes."

More than 300 critical infrastructure security specialists convened in Miami and among the topics discussed was the Ukrainian electric grid cyber attack that took place in December 2015.

Also read: The Ukrainian electric grid cyber attack – it can it happen here

This incident caused a power outage in Ukraine and authorities say the source of the attack came from Russia. This is the first known power outage cause by a cyber attack.

The Ukrainian electric grid security compromise now has U.S. companies questioning the vulnerability of their own systems. Many wonder if they are doing enough to protect their interests and the public's safety.

The frequency of cyber attacks has increased in recent years, but experts cannot say how dangerous these really are. When the hackers' intentions are not known, cybersecurity specialists cannot say if the hits happened because hackers just want to expose systems' vulnerabilities and the easiness for these to be compromised, or if they have a hidden agenda with disastrous consequences. Until the hacker is identified, the threat level cannot be confirmed. But in any event, it should always be taken seriously.

U.S. officials are still learning about and identifying the malware used in the recent attack. They do know that BlackEnergy 3 was used in the Ukranian incident, which is a variant of malware ICS-CERT says infected some U.S. critical infrastructure operators in 2014.

The key here is to identify the worm, know what it is capable of and put and end to it before it is too late to protect and salvage our own industrial control systems.