On December 23, 2015, hackers took down the power grid in a region of Western Ukraine, triggering the first blackout ever caused by a cyber attack. This attack was part of a broader trend, as hackers are increasingly exploring ways to target critical infrastructure like power grids, transportation systems, hydroelectric dams, and chemical plants.
Few cyber attacks against critical infrastructure have had the level of success and sophistication as the attack in Ukraine though. The attackers spent months laying groundwork before storming the power grid’s control systems on the day of the blackout. Experts say that other hackers could leverage some of the same tools and tactics used in the attack to target control systems for other critical infrastructure targets.
These control systems are increasingly being connected to the internet as part of the growing adoption of the Internet of Things among enterprises in utilities and other sectors. However, these systems have often been in place for decades, long before cybersecurity was a major concern. So these aging systems often lack even basic security protections to beat back hackers.
In a new report, BI Intelligence details the current cybersecurity landscape for companies in critical infrastructure sectors, as well as how companies can protect their control systems from hackers.
Here are some of the key points from the report:
Companies that operate critical infrastructure sites reported 295 cyber incidents in 2015, up from 245 in 2014.
Hackers are targeting the industrial control systems that operate critical infrastructure because of the enormous damage they can cause by crippling such infrastructure.
Industrial control systems typically weren’t designed to be connected to the internet, so they weren’t built with cybersecurity capabilities to ward off hackers.
The hack that caused a blackout in the Ukraine could serve as a blueprint for other hackers that want to target critical infrastructure, helping them succeed in future attackers.
The Ukraine hack highlighted the importance of training employees about cybersecurity and placing additional access controls on industrial control systems beyond firewalls.
In full, the report:
Explains the challenges that companies face in securing industrial control systems that they are connecting to the internet.
Breaks down what made the hack against the Ukraine’s power grid so successful.
Highlights how this attack will impact other companies operating critical infrastructure.
Details the best methods for securing industrial control systems against hackers.
Interested in getting the full report? Here are two ways to access it:
Subscribe to an All-Access pass to BI Intelligence and gain — For more information read the original article here.
One response
The New Front In Cybersecurity: How to prevent hackers from taking down critical infrastructure https://t.co/PhNX863w9l