Tuesday, April 20, 2010

Industrial Control Attacks: Mundane or Prophetic?

This isn't exactly the sexiest part of IT security, but attacks on industrial control systems, such as utility, water and sewage treatment plants, are on the rise, according to data gathered by the Repository of Industrial Security Incidents (RISI). And with recent media attention on cyberwarfare, utilities would be a prime target to bring down for any potential cyberwarrior.

But besides cyberadversaries wanting to hit the US, a major source of infections is more mundane: employees bringing malware on infected laptops and USB keys, for example, according to the study.

Though only a fraction of these control systems connect directly to the Internet, they do connect to business networks, which in turn are connected to the Internet. It's the business networks, to which employees have access, that are the source of the malware.

Industry insiders are skeptical of the threat from employees, let alone foreign hackers engaging in potential cyberwarfare, which might seem even more far-fetched on the surface.

Although utilities and control systems are in private hands, their protection is crucial to any defense of critical infrastructure in times of war, cyber or not. And that defense will rely just as much on government and military, as it will on IT security professionals in the private sector, with they'll need to partner.

0 Comments:

Post a Comment

<< Home