A nuclear reactor remotely blown up, killing millions.
A country wide blackout that lasts for weeks, leading to civil unrest and anarchy.
An attack on our very water supply, preventing millions accessing clean water.
These all sound like plot lines to the next Hollywood blockbuster, but these are not plot lines, they are very real concerns, theorized by very real and knowledgeable Cybersecurity experts.
James Lyne, Global Head of Security Research at Sophos recently stated at the RSA conference 2018 that “Critical failure here [in systems that run critical infrastructure] often means life and limb impact, not loss of a credit card number”.
In talking about a recent, and specific attack he says:
“Here we have a piece of malware, that didn’t just focus on industrial control systems, but one that specifically targeted the safety system.” which could have led to catastrophic failure and loss of life, all perpetrated using Malicious Software, remotely planted from half way around the world.” https://www.youtube.com/watch?v=aoIPIIB4xlA
At CyberStream we are seeing a huge uptake in the number of requests from our consultancy clients for ICS (Industrial control systems) cybersecurity engineers, architects, analysts, researchers, the list goes on. This sharp uptake, we believe, is a direct result of the increasing severity and number of attacks against the US and its national critical infrastructure.
Equally, our sister company EarthStream Global (who serve the Power Generation, Transmission & Distribution, Renewable Energy, Mining and Oil & Gas markets) are seeing a sharp uptake in cyber requests alongside our traditional SCADA coverage.
Experts in Industrial control systems, with a deep dive expertise in Cybersecurity are a very rare human commodity. We met with a CSO of global leading cybersecurity organization with top secret clearance to discuss this who summed this up perfectly “there are more of them [attackers] than us, and those of us with the skills to protect critical infrastructure should be prepared to do this at every opportunity”. This CSO puts this into practice, consulting for $1 for any American critical infrastructure program outside his daily work and was a great insight to the current threat landscape in critical infrastructure across the USA
So, what can be done to protect your business (besides creating your own Cybersecurity robots)?
From a technology standpoint, Automation and Orchestration are either seen as a silver bullet or a false flag. While Automation is key to removing the need for humans to respond and defend against all attacks, what we have seen (as tends to be the case across the Cybersecurity landscape), Automation is a response a preemptive measure, fighting against already Automated Cyberattacks as we speak with hackers investing in technology to increase the number, reach and impact of their attack.
Its going to come down to the strategy determined by experts in your business, that is deemed to most effective for securing critical infrastructure.
Whether this is building a robust internal control center to combat threats, such as Maersk have done in building a state of the art Command & Control Center in the UK (in exclusive partnership with CloudStream & CyberStream: https://www.joinmaersktoday.com
Or utilizing consultancy experts like Ernst & Young, whom we are supporting the build out of their Cyber ICS practice in North America.
What is clear is this threat is only becoming more acute and our defense needs to be ever more vigilant, as does our need for innovative solutions to attract expert cyber ICS professionals. As a personal passion of mine within the cyber consultancy practice, I welcome the chance to advise partners on effective techniques for identification, attraction & retention of ICS cyber experts.