OT/ICS Security in the contemporary age
Industries across the globe rely on operational technology (OT) and industrial control systems (ICS) to support their mission-critical infrastructures. At the same time, we expect utilities to work, water to flow, communications networks to stay on, and trains to keep moving. Industrial areas such as power grids, transportation, water monitoring and distribution, oil and gas, and communications systems, all rely on ICS systems to deliver essential services. If these systems are left vulnerable to attack, they can open the door to serious, even catastrophic events.
Also, increased reliance on intelligence processing, exploitation, and dissemination, on networked real-time communications for command and control, and a proliferation of electronic controls and sensors in most types of equipment and facilities have greatly increased dependence on energy, particularly electric power.
Although the power grid has long been susceptible to natural disasters, deliberate attacks, and the problems of aging infrastructure, its vulnerability to attacks is increasing.
A couple of years back, the U.S. Energy Department warned of “an imminent threat” to the electrical grid. This was yet another reminder of just how dependent we are on critical infrastructure networks and how vulnerable these systems are to the potential of cyber-attacks.
The ability of adversaries to exploit vulnerabilities through cyber means has expanded, creating considerable risk to the stable supply of electric power. Strictly preventive measures have been unable to completely eliminate threats to the electric power grid.
Recent armed conflicts have seen both physical attacks and cyberattacks on electric power grids, but the problem has also affected other types of businesses and infrastructure. Despite guidance documents that press for the use of cybersecurity best practices across a range of industries, state actors have used cyber means to carry out notable attacks against numerous public institutions, private organizations, and individuals.
The truly scary lesson in all these attacks so far lies less in what happened than in what didn’t happen. Hackers were able to successfully access major infrastructure facilities, but still, no municipal water supplies were poisoned, no nuclear power plants melted down, no electrical grids went down, and no trains crashed.
Hackers, in this instance, either chose not to push their limits or had limited capabilities. The main question we need to ask ourselves as we look forward is: how long can dumb luck keep us safe?
According to the 2019 Global ICS & IIoT Risk Report published by CyberX, “The data clearly shows that industrial control systems continue to be soft targets for adversaries. Lack of even basic protections like automatically updated anti-virus enables attackers to quietly perform reconnaissance before sabotaging physical processes.”
Its key findings were:
- 40% of industrial sites have at least one direct connection to the Internet.
- 16% of sites have at least one wireless access point.
- 57% have weak antivirus protection.
- 84% have at least one remotely accessible device.
- 69% have security gaps in areas such as plain-text passwords.
The main conclusion is that organizations should implement proper safeguards to secure their industrial control systems.
The PHOENIX Project is developed exactly for this scope, to cyber-fortify the European EPES infrastructure by enabling and coordinating advanced, adaptive, and cooperative detection of large scale, cyber-human security and privacy incidents and attacks.
Using coordinated European EPES cyber incident discovery, response and recovery and the Incidents’ Information Sharing Platform (I2SP), it acts at a pan-European level as a decentralized, trusted-by-design, near real-time cybersecurity information awareness platform, coordinating the information exchange among authorized EPES stakeholders, utilities, CSIRTs, ISACs, CERTs, NRAs, and the strategic NIS cooperation group.
Image source: https://www.rand.org/content/dam/rand/pubs/research_reports/RR3100/RR3187/RAND_RR3187.pdf