Last week cyber security legislation failed in the US Senate. This week the Obama Administration is putting the word out that they may implement the parts the President believes are critical through Executive Order. Our view is that DHS has all the authority they need to make a big difference and has failed miserably. The US Government's most intrusive effort, NERC CIP, has been generally panned with no bright future on the horizon. The legislation wasn’t going to make a difference in ICS security. At this point it is foolish to expect government action, at least US government action, to make a difference on the defensive side of ICS security. Vendors, owner/operators, you are going to have to see the need and do this yourselves.
The European Network and Information Security Agency (ENISA) published a document with ten smart grid security recommendations (ht: Andy Bochman). Mostly broad statements such as develop a regulatory and policy framework, promote public/private partnerships, foster awareness raising and training initiatives, … Recommendation 7, “the EC and MS competent authorities should foster the creation of test beds and security assessments” was the most interesting. Governments creating realistic test beds is on the rise worldwide.
If you are a fan of Infographics, check out this one on Stuxnet.
A final note: we are seeing the numbers in the ICS-CERT Incident Summary widely used as evidence of a dramatic increase in cyber attacks on ICS. This is just plain wrong, and ICS-CERT should clarify this and publish the number of cyber attacks on ICS over the period in the summary. Real cyber attacks on ICS, not attacks on corporate networks that have ICS, not incidents reported that ended up not being attacks. Either do this or you are intentionally feeding the beast.
Worth Reading Articles
- Andrew Ginter’s rebuttal to the air gap myth articles, “ICS, SCADA Myth: Protection By Firewalls”
- Tofino blog article “ICS Security and VLANs”
Critical Intelligence’s ICS Security Event Calendar Updates
- INSS Annual International Conference on Cyberspace, Sept 4 in Tel Aviv, Israel
- ICS security presentations at Remote 2012, Sept 18-19 in Denver, Colorado
Critical Intelligence provides reports and other information products on Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.
Image by TooFarNorth