Scare stories from the cyber frontline

NIST CS Framework, Industrial Defender, Lockheed Martin, Waterfall, IHS, Honeywell, Tofino.

The US National Institute of Standards and Technology (NIST) has opened its preliminary Cybersecurity Framework (CSF) for public comment. The CSF was developed in response to President Obama’s cybersecurity executive order of February 2013 and is expected to be published early in 2014. A key objective of the CSF is ‘to encourage organizations to consider cybersecurity risk as a priority similar to financial, safety, and operational risk.’ Check out the 47-page CSF.

In a blog posting on the Industrial Defender website, Venkat Pothamsetty has analyzed the CSF and its meaning for control systems professionals. While the CSF is a good framework for ICS security, it is ‘yet another framework to follow.’ The CSF means that ‘big data and analytics’ will increase in importance in identifying attack patterns by monitoring deviations from a baseline of network activity.

Speaking at the 2013 API Cyber Security event in Houston this month, a team from Lockheed Martin presented their analysis of ‘a new class of security threats from sophisticated and highly organized actors looking to steal intellectual property and disrupt operations.’ Lockheed’s Intelligence Driven Defense addresses the threats facing the oil and gas industry with ‘best practices to protect critical operations and lessons learned.’

Some help in the war on the hackers may come from Waterfall Security Solutions’ new FLIP technology, which replaces control system firewalls with a stronger alternative. The FLIP leverages Waterfall’s unidirectional security gateway to strengthen oil and gas facilities’ IT and control systems and mitigate cyber attacks.

Meanwhile at a gathering hosted by IHS and Honeywell, former Homeland security secretary Michael Chertoff told oil and gas industry executives, ‘It no longer takes an army to fight a war. The top threat businesses face in the future will be from cyber attacks.’ Some 40% of all reported attacks in 2012 were directed at energy companies. Honeywell’s Roger Fradin added, ‘Cyber risks are constantly evolving, and we have to work together to find the right combination of solutions. Honeywell is at the forefront of developing new technologies and advanced cyber security solutions to help defend against cyber attacks, preserving the availability, integrity and confidentiality of industrial control systems.’ More from Fradin.

Tofino’s Eric Byres writes on an ‘avalanche’ of reports of new security vulnerabilities in DNP3 Scada systems. These were uncovered by researchers Adam Crain and Chris Sistrunk, using a new security test tool developed under the AEGIS Project. The NERC-CIP electronic security perimeter is seemingly ‘full of holes,’ specifically the ‘millions of physically insecure pad and pole devices around the world.’ Byres states that, ‘An oil well at the side of a prairie road [is a] potential entry point to a much larger critical infrastructure. All it takes is a test tool to find a backdoor in devices using protocols like Modbus, Ethernet/IP or Profinet.’


© Oil IT Journal - all rights reserved.