We are pleased to publish links and white papers from solutions providers, these are sponsored to help cover our costs but selected because of their genuine interest and application to the energy sector.
Siemens and Cyber Security
Siemens strengthens its customers’ industrial cyber defences with built-for-purpose hardening and monitoring OT solutions aimed at transforming an organization’s response to threats, and most importantly, builds their capacity to respond to attacks. Through intensive research and development, we built new solutions, and recognized that resilient cybersecurity requires an ecosystem of technologies, partners and solutions. We solved the confidence gap by creating visibility into operations, giving the context needed for insights that enable action.
Siemens’ industrial cybersecurity business helps its customers stay safe by:
· providing visibility into weak spots
· shoring up plant, fleet and corporate defences
· helping prepare for regulatory compliance
· detecting threats in real time and working in tandem to respond
Siemens’ white paper, Visualizing a Cyberattack on the Energy Industry: Developing and Deploying a Utility Playbook for Instant Response, is designed to help electric utilities manage an unfolding crisis using an instant response (IR) playbook to address the rise in cyberattacks targeting the energy industry’s critical infrastructure. Further information on the rise of cyberattacks against the energy industry can be found in a 2019 joint study between Siemens and Ponemon Institute, Caught in the Crosshairs: Are Utilities Keeping Up with the Industrial Cyber Threat?
A New Approach to Classifying OT Attacks
Cyber Incident reporting in SCADA systems gives us invaluable insight into the burgeoning threat landscape. Incident case reports help the security community understand what threats we face and thus enable organisations to establish a robust defence strategy. In recent years, there has been an increase in cyber security awareness and the adoption of detection tools. As a consequence, the number of reported incidents and campaigns targeting SCADA networks has increased. In this whitepaper Radiflow dives into several highly publicised security incidents over the past 10 years such as the Triton and Ukraine electricity blackout incidents.
Radiflow believes that the next step in risk analysis for critical infrastructure operators and industrial firms is determining the impact of disclosed vulnerabilities. This should be carried out based on the context of the firm's OT network and business logic related to relevant attacker models.
Experts argue there are issues with existing classification methods. NIST and ICS-CERT, the two major vulnerability disclosure organisations, use scoring standards for assessing security flaws with a bias toward IT networks.
Radiflow’s new white paper discusses this in detail: Meet Your Attacker – Taxonomy and Analysis of a SCADA Attacker.
Protect Critical Infrastructure from Supply Chain Attacks
Utility asset owners trust their vendors to supply valid patches and updates – but that trust can be exploited. If attackers can get counterfeit files into the hands of unwitting technicians, they can bypass traditional security measures and gain access to critical systems. Increasingly, attackers are targeting weaknesses in supply chain security to insert and distribute dangerous software.
aDolus provides a platform called FACT™ (Framework for Analysis and Coordinated Trust) for brokering information about software/firmware for critical infrastructure to help energy companies determine if updates are safe to install. FACT aggregates information from vendors, asset owners, system integrators, consultants, and security researchers to build a “FACT score” of trustworthiness. We drill down into packages to detect hidden sub-components, inspect certificate chains, validate versions and provide an authoritative and exhaustive report on all that is known about any given file.
Like a FICO credit score, FACT makes it quick and easy to make critical installation decisions and ensure governance of security processes.