Utility Vulnerabilities: Critical Infrastructure Safeguards
Posted on May 6th, 2015
Understanding malware attacks and other cyber security concerns are imperative to both personal and national security. Professionals need to pay close attention to the information released to maintain a high security posture. In July of last year in response to a Freedom of Information Act (FOIA) request the DHS confused Operation Aurora with The Aurora Project and released confidential information. This was a critical error that could be costly for organizations.
Operation Aurora, is a malware attack that took place in 2010. The Aurora Project, despite having a similar sounding name, is not a malware attack at all but rather a research effort from the Idaho National Laboratory who recorded a video that demonstrated the ease at which a cyber attack could infect power and water utilities.
In the wake of recent and increasingly complex attacks it has been questioned whether a major attack on our critical infrastructure is next. The ease with with confidential information can be leaked is one of the many reasons why understanding critical infrastructure safeguards are more important than ever before.
The Aurora Project: What is an Aurora Attack?
An Aurora attack describes a situation where a circuit breaker or breaker system is opened and closed, resulting in the type of out of phase condition that can damage alternating current equipment connected to a power grid. The associated threat then creates a situation where generators are rapidly disconnecting and reconnecting to the grid, but out of phase. This type of situation can have devastating effects on system operation, particularly with regards to power and water companies. Infrastructure and equipment could be heavily damaged or destroyed, leaving a costly and unfortunate situation that could negatively affect the lives of millions of consumers.
Real Attacks: Stuxnet & Shamoon
An Aurora attack isn't the only vulnerability that utility providers need to concern themselves with. Stuxnet is a type of malware worm, discovered in June 2010, designed to attack industrial programmable logic controllers. Targeted at Iranian computers, Stuxnet hijacked targeted computers to cause physical destruction on centrifuge equipment that the computers controlled. Stuxnet was the first zero day attack that proved that high level destruction that is possible. Believed to be in response to Stuxnet, a computer virus known as Shamoon wiped the hard drives on tens of thousands of computers belonging to Saudi Aramaco in 2012.
Important Critical Infrastructure Safeguards
The seriousness of these attacks proves that the importance of critical infrastructure safeguards cannot be overstated. Legacy systems present a huge vulnerability that continues to grow as systems continue to age. Upgrading legacy infrastructure is a costly proposition, as these are generally mission critical operations that would seriously interfere with day to day operations. Developing a replacement plan that can phase in over time is important.
The development of an actionable response plan is critical for utility companies in the event that a cyber attack does occur. Plans need to clearly define the responsibilities of all IT staff members. Response plans should also test control system devices and communication techniques to help make sure that everything is operating as efficiently as possible at all times.
One of the real keys to preventing devastating cyber attacks is to place proper security controls around your systems. The right partner can help you in choosing the right technology for your organization and in developing a plan for the future. TVAR Solutions is a value added reseller with a deep level of security knowledge to develop comprehensive protection and future infrastructure plans. TVAR works with best in class technologies like Fortinet, to determine the best solutions for the unique requirements for each organization.
Questions/Comments? Contact email@example.com
4/16-18 Cross Domain Technical Forum
4/17 USDA Fort Collins Tech Expo
5/13-16 DOE Cybercon
5/28-31 NLIT Summit
Purchasing Information GSA Schedule: GS-35F-0438T
©2019 TVAR Solutions