Dragonfly and ICSs

The Dragonfly attack on the energy sector has highlighted the vulnerability of Industrial Control Systems (ICSs). Moreover, it has demonstrated how a phishing email can be even worse than a run-of-the-mill cyber threat: it can be the first step in an elaborate, long-range attack with far-reaching implications.

Cyber intrusions into US Critical Infrastructure systems are happening with increased frequency. For many industrial control systems (ICSs), it’s not a matter of if an intrusion will take place, but when. – DHS

Symantec explains the full history of Dragonfly, from the first phishing emails sent to personnel in target firms, to watering hole attacks, to the Trojanizing of legitimate software bundles. Their recommendations for protection include using two-factor authentication and strong passwords. These are measures all businesses can implement as part of their cyber security strategy.

Measures for Any Business

Other important takeaways from the energy sector that can be applied to all industries are discussed in this brief interview with EnergySec’s new president Steve Parker. (EnergySec is a 501(c)(3) organization dedicated to securing critical energy infrastructure, workforce education, and information sharing.) Read the full interview here.

It is a massive cultural shift in many operational technology areas to build a culture where security requirements are understood, accepted and consistently and properly executed. – Steve Parker

Parker highlights the need for security professionals with the right balance of technical expertise, soft skills and industry experience, and the need to create a culture that underscores the importance of cyber security. Recently we highlighted some resources for developing IT skill sets. For more information, click here.

Recommendations from the Department of Homeland Security

While many experts were critical of the DHS, saying that more is needed than just an alert, the U.S. Department of Homeland Security states: “If system owners had implemented the strategies outlined [in this paper], 98 percent of incidents ICS-CERT responded to in FY 2014 and FY 2015 would have been prevented. The remaining 2 percent could have been identified with increased monitoring and a robust incident response.”

The DHS’s paper, Seven Steps to Effectively Defend Industrial Control Systems, offers a plan that can be easily applied to many industries to ensure you are protecting, as they say, “the perimeter” and “the interior.”