Industry Leader Confirms CYB-633 Discussion on ICS Security Challenges
We had a great online discussion in Utica College’s CYB-633, Critical Infrastructures and National Security. Students in both sections of the course signed into the lively discussion from all over the country, and the session was recorded and posted online for those who were unable to make it.
I set the stage with a brief presentation. I told the group that I had combined our discussions of industrial control systems (ICSs) and cyber terrorism because, it seemed to me, ICSs are the crown jewels for online terrorists. Of course, there are plenty of malicious things that someone could do with other aspects of computers and networks, but to instill intense fear, attacks on ICSs are the most likely cyber avenue.
Why should I be concerned about Industrial Control Systems?
ICSs affect just about everything we do in industrial and post-industrial societies. Did you take a vitamin pill this morning? It was manufactured in a precise process directed by an ICS—not too much of this, nor too little of that, all in a closely monitored sterile environment. Did you dash to make your train on time? While you played Candy Crush Saga, your train switched tracks perhaps a dozen times to reach your destination. Otherwise, you might have looked up from your smart phone to find yourself in Towaco instead of New York Penn Station. Scarier still, your train might have collided with the one bound for Towaco.
Exactly how the ICSs switched the tracks for your train should be of no concern to anyone but NJ Transit and the contractor that installed the system. Anyone else poking around that sort of thing is up to no good. And lots of folks worldwide are doing just that—poking around ICSs. Regrettably, with the marriage of ICS and information technology, it’s not hard to do.
Recent Examples of Cyber Security Threats to ICS
By now, everyone has heard that in 2014, the Iranian Revolutionary Guard Corps was sniffing around the ICS that operates the Bowman Avenue Dam in Rye Brook, New York. The dam was at that time disconnected from the computer system for maintenance. But we must ask why anyone but the City of Rye, which operates the dam, and residents and businesses downstream—the area has a history of flooding—would care.
Later, last December, a Russian advanced persistent threat (APT) group dubbed Sandworm turned out the lights for 700,000 residents of western Ukraine. US officials have since confirmed that the Kremlin-connected group used BlackEnergy 3 malware to attack the electric utility’s ICS.
The morning after our CYB-633 discussion, a friend sent me the Rome CyberTech 2016 speech of Mauro Moretti, CEO of Leonardo, the world’s ninth largest defense contractor. Moretti calls the ongoing digitization of industry “the fourth industrial revolution.” He says, “The integration of automation and IT systems signals a profound change…with new requirements for safety and security.” Cyber security, Moretti concludes, “must be present from the very start of supervisory and control system architecture design.”
It was great to have such a timely confirmation of our CYB-633 discussion from a distinguished industry leader.