Waterfall, Kuppinger Cole Highlight OT Challenges, Solutions in Webinar

Last month, I joined Martin Kuppinger and Alexei Balaganski in a webinar titled “Industrial Control System Security: Getting a Grip on OT Cyber Security.”

To start the webinar, Kuppinger, founder and principal analyst for KuppingerCole, discussed the challenges presented to securing technology in the modern business. “The computing troika” presented by Kuppinger demonstrates the challenge Internet connectivity presents. Cloud computing, mobile computing and social computing are all driving increased network connectivity. The “Internet of Things” means every “thing” has a CPU and a network connection, and every employee carries with them many “things” and uses these and many more connected “things” all day long.

Balaganski, senior analyst for KuppingerCole, illustrated the differences between IT and OT in terms of their scope, devices and focus. IT security is about confidentiality, authenticity and business continuity. OT security, on the other hand, is focused primarily on defending personnel safety systems and equipment protection systems, and secondarily on defending the correct and reliable operation of the industrial process. This, naturally, means the consequences of failure for IT and OT security systems are far different.

Waterfall then discussed IT/OT integration solutions. The fundamental problem with greater connectivity is that all software can be compromised, such compromise can propagate via network messages and, fundamentally, firewalls forward messages. Firewall are routers with filters – they look at each message and either forward it, or not. Why does it make any sense to forward messages from IT networks, which are constantly exposed to attack from electronic mail and the Internet, to industrial networks, which control costly and dangerous physical processes? Every such message could be an attack.

Unidirectional Security Gateways allow information from industrial networks to travel to corporate networks, where business users and applications can query that data and profit from it, without ever allowing a message or any information at all back into the control system network. Hardware-enforced security solutions allow organizations to access real-time data as necessary, without the possibility of any attack reaching from the Internet or the corporate network through the system to threaten operations.

Listen to the webinar here. When you do, let us know what you think.

March news roundup: Hacks to industrial control systems continue

In case you weren’t able to keep up on this month’s critical infrastructure security news, below is a recap for you. As you’ll see, hacks to industrial control systems are increasing and there was no shortage of them in this month’s news, including attacks to a South Korean nuclear power plant and possible threat to U.S. airports and air traffic control centers. Read more in March’s news roundup:

NorthKorea 'Hacked' South Korean Nuclear Power Plant Operator
South Korea blamed North Korea for hacking and stealing data from one of its nuclear power plants. Blueprints of South Korean plants were posted on Twitter from an IP address located in North Korea. The attacks in question took place in December, shortly after the hack on Sony Pictures. Investigators, however, have found that South Korea’s nuclear plant management was not compromised and no critical data was leaked.

USindustrial control systems attacked 245 times in 12 months
In an ICS-CERT report, it was proven that U.S. industrial control systems encountered cyberattacks more than 245 times in the last year. The report, which covered the 2014 fiscal year, included all cyberattacks received and responded to by ICS-CERT. Fifty-five percent of these attacks showed signs of advanced persistent threats. Also, it should be noted that the energy sector accounted for 79 of the 245 attacks.

Kaspersky:‘A very bad incident’ awaits critical infrastructure
According to Eugene Kaspersky, founder of Kaspersky Lab, cyberterrorism is a looming threat to power grids, water supply systems and other critical infrastructure. The threats against critical infrastructure are increasing and hackers are learning more techniques from the exposure of these attacks. Kaspersky suggests international cooperation between security services may help defend against these attacks.

CyberspaceConflict Growing More Destructive, NSA’s Chief Says
According to NSA chief Rogers, there is a possibility that potential adversaries intentionally left evidence of an ICS hack in order to send a message to the U.S. that it is at risk of a destructive attack. To address the increasing risk of cyberattacks against U.S. organizations, Cyber Command is creating teams to defend military networks and assist commanders with a goal of having 6,200 personnel to operate in the next two years.

YourNext Flight Could Be Hit By a Cyber Attack    
The National Airspace System, which is responsible for controlling U.S. airports and air traffic control centers, is at risk for cyberattacks. According to a new report from the Government Accountability Office, hackers now have the capability to disrupt air traffic control operations. This report also made 17 public recommendations, including provisions to the training of cybersecurity employees.

Do you want to read more industrial security news? Check out last month’s news round up here.

Waterfall/Area 81 Racing Team Zips Through Another Successful Season

Waterfall Security Solutions is a proud sponsor of the Area 81 Racing Team, which had another successful year of races across the USA in 2014. Area 81 Racing Team drivers and crew members competed in five states with races at Road Atlanta, New Jersey Motorsports Park (NJMP), Virginia International Raceway, Carolina Motorsports Park, Roebling Road Raceway and Daytona International Speedway. They compete also in the South Atlantic Road Racing Championship (SARRC), the F1000 Championship Series and the Sports Car Club of America (SCCA) Majors. Here are some highlights from their exciting season.

Tim Pierce in car #18 earned podium finishes in seven SARRC races, including five race wins. He had a tense back and forth battle, jockeying for second through fourth positions in the F1000 Championship Series, having earned multiple top 10 finishes. It came down to the final race, where Tim placed second. Tim also fought to the second step of the podium in Daytona, as well as two fourth place finishes in SCCA Majors events at NJMP. Ultimately, it was a massive turnaround for the driver, who sat on the sidelines as a spectator for the first three races due to back-to-back blown motors.

Richard Franklin in car #81 locked in six podium finishes in SARRC races, including four SARRC race wins. He was also in the running for the SARRC F1000 Championship, where he had racked up several top 10 finishes, until the final laps at Daytona. Still, Richard walked away with a respectable sixth place finish. Richard earned the third place podium spot at the Road Atlanta SCCA Major event. This year marked several significant enhancements to the reliability of Richard’s Stohr F1000. Investments were made in spare bodywork and additional engine development. Amuch publicized (an extremely fun) visit to the high-tech A2 Wind Tunnel in Mooresville, North Carolina and collected valuable aerodynamic data.

Keep an eye on this blog for news on the 2015 racing season. Highlights will include racing the high banks of Daytona International Speedway during the 52nd Annual SCCA Runoffs. Visit www.Area81Racing.com, Facebook or YouTube for additional updates.

Check out previous blog posts on the Waterfall/Area 81 Racing team’s 2014 season:
- Waterfall/Area 81 Racing Takes SARRC F1000 Championship in Daytona
- Waterfall/Area 81 Racing Team Podiums Twice at Goblins GoDouble SARRC

Join us for a breakfast workshop on Thursday, March 26

For those of you attending Cybertech Israel this week, please consider extending your networking and learning to join us for a breakfast workshop we’re hosting on Thursday, March 26 at 9:00 a.m. at the Renaissance Hotel in Tel Aviv.

The workshop will feature interactive presentations from key figures within the cybersecurity world, among them Dimitry Shvartsman, director of technical intelligence for SenseCy, and Gil Litichever, CTO for Arilou Information Security Technologies.

In addition, we will demonstrate our latest technology for enabling safe IT/OT integration within critical infrastructures.

We expect a lively discussion and a delicious breakfast. If you want to get more details on this event, please contact: Amir Grovais at amirg@waterfall-security.com

We hope to see you on Thursday.

February news roundup: Threats from around the world are increasing

There was no shortage of critical infrastructure and cybersecurity in February’s news. Threats from around the world are increasing, and U.S. gas pumps are becoming vulnerable to hackers. Additionally, President Obama’s administration is adding new laws and regulations for cybersecurity to protect critical infrastructure further. Read about these news stories and more in this month’s news roundup:

Russian Cyber Threat more Severe than Previously Assessed
United States intelligence chief delivered his annual assessment by intelligence agencies of the top dangers facing the country on Feb. 26. Following the trend of recent years, cyberattacks were listed as the top danger to U.S. national security, even more dangerous than terrorism. Russia, China, Iran and North Korea are top threats to the United States. James Clapper, Director of National Intelligence, speculated that Russian cyber threats are among the most severe.

U.S. gas pump hacked with 'Anonymous' tagline
Evidence was found that at least one U.S. internet-facing gas pump was hacked by the group Anonymous. This was shown in a report by Trend Micro, which indicated that this type of hack is strictly an American issue because more than 98 percent of internet-facing gas pumps are located in the U.S. While this hack only resulted in a name change of the gas pump, real world implications will emerge from future hacks of this kind.

U.S. Government Pushes Companies to Address Cyberthreats
The Obama administration is pushing for companies to address the growing threats of cyberattacks, to supplement the laws and regulations that are being put into place. It hopes that private companies can help to take the lead because, as President Obama said, the government cannot address the threat alone. As part of this year’s National Defense Authorization Act, defense contractors must quickly make known when they experience a breach. In a speech on cybersecurity, Obama said, “This has to be a shared mission. So many  of our computer networks and critical infrastructure are in the private sector, which means the government cannot do this alone.”

What the Sony Attack Teaches Us About Security Convergence - Lessons for the PowerIndustry on Securing Critical Infrastructure
The hacking of Sony Pictures was a major cyberattack; however, it wasn’t even close to the worst-case scenario. Cyberattacks to critical infrastructure can cause injury, chaos or even death. Similar to the Sony incident though, the hacks are caused by a blend of cyber and physical attacks and ICS attacks. The solution for this is convergence of security.

Strengthening Cyber Risk Management
In a blog post, White House cybersecurity coordinator Michael Daniel wrote about how the government is focusing on streamlining cybersecurity regulations. New cybersecurity framework released early last year showed incentives to push industries to follow the standards. Later in the year, Daniel announced that the government would focus on eight recommendations; in this blog post, he identifies three as the most promising. Among these three areas are cyber research and development. He said that the Homeland Security Department is working with the critical infrastructure community to get a better idea of their end-goals.

Do you want to check out more industrial security industry news? Check out our January news round up.