ICS-CERT provides cyber security update on industrial control systems

When industrial control systems (ICS) are compromised by cyber security threats, the U.S. government provides a confidential way to share knowledge of the threat and get help. ICS-CERT helps mitigate cyber risk in control systems and embedded systems including vendor testing, on-site assessments, and training. Jeff Gray, with the U.S. Dept. of Homeland Security, outlines the latest industrial control system security issues and cyber security recommendations from the Cyber Emergency Response Team (CERT), at the 2015 CSIA Executive Conference.

05/02/2015


Jeff Gray, unit chief for training and outreach, U.S. Dept. of Homeland Security, Arlington, Virginia, is part of the Industrial Control System (ICS) Cyber Emergency Response Team (CERT). The organization is making available version 7.1 of the Cyber Secur"We want YOU (to share your cyber security threats) with us," to paraphrase the U.S. federal government. If an industrial control system (ICS) or attached systems has been breached with a cyber security threat, share the information confidentially, so you and others can benefit.

"We reduce cyber security risk for critical infrastructure," explained Jeff Gray, unit chief for training and outreach, U.S. Dept. of Homeland Security, Arlington, Virginia, Industrial Control System (ICS) Cyber Emergency Response Team (CERT). The organization also is making available version 7.1 of the Cyber Security Evaluation Tool, a free download to help the private and public sector report events. Gray made his comments on May 1 at the 2015 CSIA Executive Conference, in Arlington. CSIA stands for Control System Integrators Association.

ICS-CERT helps mitigate cyber risk in control systems and embedded systems including vendor testing, on-site assessments, and training. Gray said the organization provides a mechanism for organizations to share knowledge about cyber security risks without being identified, and provides recommendations and training based on that knowledge.

Gray is also the program lead for the Industrial Control System Joint Working Group within ICS-CERT. ICS-CERT reaches out to automation vendors, users, and system integrators with information about threats, without sales pitches.

"Information sharing has taken off," Gray said, noting that all presentations are available online, and three levels of training are available, two online courses and advanced, in-person training in Idaho Falls, Idaho. ICS-CERT also can remove any threats in a system, and, "Depending on severity we may take a very active role in helping out to mitigate threats, with vendors and the community." 

Assessment levels, incident handling

The Advanced Analytical Laboratory has bi-annual meetings, provide a Roadmap to Secure Control Systems, and a forum for current issues. Three levels of assessment are:

  1. To walk through the tool
  2. Provide an architectural review, mapping networks and looking at strengths and weakness
  3. Analyze network traffic.

Services and available tools are also expanding from the private sector to federal buildings.

Gray said confidential incident handling, which requires a legal agreement with participants, has trended upward, with a spike in 2013 because of an organized campaign against the pipeline and energy sector with:

  • 140 in 2011
  • 197 in 2012
  • 257 in 2013
  • 243 in 2014.

There are tens of thousands of incidents out there, Gray said, including network mapping, denial of services, stolen or denied capabilities, intellectual property loss, and national security type incidents. Threats, advanced persistent threats, come from profit-motivated criminals to country-level threats reported in the news.

Defense in depth strategies are recommended to lower organizations' risk to cyber security vulnerabilities, Gray said.

- Mark T. Hoske, content manager, CFE Media, Control Engineering, mhoske@cfemedia.com.

ONLINE

Learn more about ICS-CERT.

See the Control Engineering cyber security page.

Also search ICS-CERT atop www.controleng.com.

See additional coverage from the CSIA Executive Conference linked below.



No comments
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Sensor-to-cloud interoperability; PID and digital control efficiency; Alarm management system design; Automotive industry advances
Make Big Data and Industrial Internet of Things work for you, 2017 Engineers' Choice Finalists, Avoid control design pitfalls, Managing IIoT processes
Engineering Leaders Under 40; System integration improving packaging operation; Process sensing; PID velocity; Cybersecurity and functional safety
This article collection contains several articles on the Industrial Internet of Things (IIoT) and how it is transforming manufacturing.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

SCADA at the junction, Managing risk through maintenance, Moving at the speed of data
Flexible offshore fire protection; Big Data's impact on operations; Bridging the skills gap; Identifying security risks
The digital oilfield: Utilizing Big Data can yield big savings; Virtualization a real solution; Tracking SIS performance
click me