Hidden In Plain Sight

Control system cyber incidents are more plentiful and impactful than most observers expect - more than 17 million directly resulting in more than 34,000 deaths. Most of the incidents were engineering-based cyber attacks used to camouflage a deficiency in the design of the product or to cause physical damage.

The engineering-based cyber attacks did not involve the Internet, Windows, or Operating Technology (OT) networks to carry out the attacks. Consequently, these incidents were not identifiable by network cyber forensics and would not fall under the Chief Information Security Officer's domain.

This means most of these incidents would not be addressed by existing government and industry cyber security guidance, nor make their way to company  boards and regulatory authorities as cyber events.

While there have been more than 1,200 electric grid cyber-related incidents, that doesn’t adequately reflect the true impact on customers and the economy as some of the cyber-related outages have affected tens of millions of people. In addition, the diesel emissions scandal lays bare the philosophical differences in how offensive cyber attackers and cyber defenders’ approach cyber security.

The impacts from the 'dieselgate' were huge, more than $35 Billion in damages and several people went to jail, yet many defenders would not consider these to be malicious cyber attacks because they weren’t the type of attacks they were expecting.

Until the OT network-focused regulators and practitioners are willing to address engineering-based incidents and attacks, critical infrastructures cannot be secured.

Recommendations are provided to address the gaps in control system cyber security monitoring and control system cyber incident disclosure as existing disclosure requirements are geared toward vulnerabilities not incidents. It is also evident that monitoring the process sensor signals at the physics layer would have identified most of the incidents regardless of cause.

Joe Weiss is Managing Partner at Applied Control Solutions

This article is shortened version of the original Control Global Blog

You Might Also Read:

Many Cyber Security Experts Don’t Understand The Systems They Are Trying To Secure:

 

« Five Ways Executives Can Optimize Cyber Security Spending
It’s Well Past 230 For The US Communications Decency Act »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Axiomatics

Axiomatics

Axiomatics provides dynamic authorization and access control solutions to protect critical data assets.

CybSafe

CybSafe

CybSafe is a cloud-based platform focussed on addressing the human component of cyber security - an intelligent approach to awareness training.

Cymulate

Cymulate

Cymulate is a SaaS-based breach and attack simulation platform that makes it simple to know and optimize your security posture any time, all the time.

CyberTech Network

CyberTech Network

CyberTECH is a global cybersecurity, Internet of Things (IoT) and Smart City network ecosystem and incubator operator.

CyberSwarm

CyberSwarm

CyberSwarm is developing a neuromorphic System-on-a-Chip dedicated to cybersecurity which helps organizations secure communication between connected devices and protect critical business assets.

NINJIO

NINJIO

NINJIO is a leader in cybersecurity awareness training. View IT Security Awareness through a different lens - entertain and educate your users through storytelling.

In Fidem

In Fidem

In Fidem specializes in information security management, with a bold approach that views cybersecurity as a springboard to organizational transformation rather than a barrier to innovation.

Flexxon

Flexxon

Flexxon is the industry leader to develop NAND flash storage devices. Our key focus is to innovate memory devices ensuring data security and reliability.

Dimension Data

Dimension Data

Dimension Data is a leading African born technology provider operating in the Middle East and Africa, offering a portfolio of services including intelligent security solutions.

HighGround

HighGround

HighGround offer a Cyber Security Solution for everybody, regardless of skillset, to feel empowered in their security experience in reaching Cyber Resilience.

NormCyber

NormCyber

NormCyber provide award-winning cyber security and data protection as a service for midsize organisations.

Hawk AI

Hawk AI

Hawk AI’s mission is to help financial institutions detect financial crime more effectively and efficiently using AI to enhance rules and find anomalies.

Atlas Cloud

Atlas Cloud

Atlas Cloud is a UK-wide provider of managed services based in Newcastle. Our ‘research-led’ approach to IT services helps leaders make better decisions about IT for their businesses.

NVISO Security

NVISO Security

NVISO is a pure-play cyber security consulting firm, focused mainly on the Financial Sector, the Technology Sector, and Government & Critical Infrastructure.

Vambrace Cybersecurity

Vambrace Cybersecurity

Vambrace is an experienced cybersecurity consultancy and operations outsourcer helping you to secure your business in an increasingly-hostile cyber environment.

RedSense

RedSense

RedSense provides industry-leading threat intelligence services, adversary space interaction & monitoring, net flow monitoring and interpretation for our clients.