Control Systems Cybersecurity Expert, Joseph M. Weiss, is an international authority on cybersecurity, control systems and system security. Weiss weighs in on cybersecurity, science and technology, security emerging threats and more.
There are various threat scenarios which confront our entire national critical infrastructures that involve insecure process sensors. These scenarios can lead to loss of safety and resilience and to be addressed.
Dale Peterson had a twitter poll on DigitalBond.com asking what people think about the availability of security in sensors, actuators, instruments (Purdue Model Level 0 devices). The response was that most people agreed there was no security. So why isn’t there more of a drive to address this deficiency?
For ICS cyber security, Operations, cyber security, physical security, and risk management organizations need to coordinate and training is required for Operations to know when to work with IT Security following upset conditions.
ICS cyber threats are morphing from malware/insecure-by-design issues that can be found by network monitoring to compromise of system or component functionality which can be very difficult to detect, can cause significant physical damage and injuries, and probably cannot be found by network monitoring.
I will be giving a presentation at Defcon’s ICS Village Saturday July 29 at 2pm on cyber security of process sensing. As I have not attended Black Hat or Defcon before, I am looking forward to the experience.
Compromising process sensors can, and have, contributed to unintentional and malicious cyber events. There is a need to monitor process sensors to validate process conditions and know whether malware or other issues have caused impacts to the process.
If large equipment such as generators or transformers are damaged in a cyber attack, not only can it take many months to build new equipment, it could take weeks just to get it to the facility site because of the size of the equipment.
I did a podcast for Security Ledger on my thoughts about the recent hacking of Wolf Creek and other “ICS” facilities. The bottom line is the “means” exist for hacking control systems and causing damage. The question is the motive to do so. The podcast can be found at https://soundcloud.com/securityledger/joe-weiss-on-grid-attacks-and-critical-infrastructure-security.
Actuators, including motors and drives, control physical processes by monitoring sensors and adjusting pumps (motors), valves, fans, etc. When actuators don’t work as designed for malicious or unintentional reasons, equipment damage, injuries, and deaths can, and have been, a result.
Given the recent spate of cyber attacks including those against ICS applications, IIOT World ran the following blog on the need for IT and IOT convergence for IIOT applications - http://iiot-world.com/cybersecurity/industrial-cyber-security-why-it-ot-collaboration-is-no-longer-an-option-but-a-necessity/. The blog was co-authored by myself and Richard Ku from TrendMicro to illustrate the need for this convergence.