Industrial Control Systems Cybersecurity Strategy, A New Approach
by Annabelle Lee, Nevermore Security
Executive Summary
Threats to Industrial Control Systems (ICS) and Operational Technology (OT) that operate our critical infrastructures are now in daily news media. ICS controls provide automation of operating power plants, oil and natural gas flowing through pipes nationwide, and support critical manufacturing of goods and pharmaceutical products for everyday use. Attacks on these systems can cause interruptions of major critical infrastructures, physical damage, and potentially threaten human health and safety.
The advances in technology and today’s offerings of the Industrial Internet of Things (IIoT) devices expands the attack surface of the ICS with the impact extending to all parts of the organization operating the critical infrastructures, the supply chain, and ultimately the end-use customers. Current cybersecurity solutions today cannot provide comprehensive protection against all the known and unknown threats of the automation components that operate the critical infrastructures, and specifically the energy sector. Particularly with the constantly changing threat and technology environments, this defensive approach results in the critical infrastructures constantly trying to play catch up in cybersecurity. Cyber attacks may be launched, for example, by malicious insiders, via the supply chain, and/or by unauthorized remote access. Attackers only have to be effective once and defenders need to be effective 100% of the time. It is not realistic to be 100% effective in identifying and addressing all known and potential cyber attacks. In addition, with the increasing availability of attack tools and techniques, the end result is that the defenders keep falling further behind in addressing cybersecurity.
This white paper proposes an alternative to the current defensive paradigm. The paradigm proposed in this paper augments this defensive approach and considers cybersecurity from the attacker’s perspective and includes identifying attack surfaces, attack vectors, and impacts. Because it is not possible to mitigate all potential cyber events, the objective is to identify the most common attack paths and mitigate the highest impact cyber events, independent of the specific attack method. This will include known and potential cybersecurity events. The unknown cyber events will be determined based on the impact to the ICS and the reliability of the grid. This paradigm will allow the energy sector to be more proactive in addressing cybersecurity and more resilient in the event of cyber attacks.