All Articles by Paul Scott

ENISA Releases Threat Landscape Report

On October 27th, the European Network and Information Security Agency (ENISA) produced its annual threat landscape overview for 2021. This document focuses on prime threats, key trends, recommendations, and other key information regarding the development of the cyber world. It also emphasizes that cybercrime has increasingly targeted and impacted critical infrastructure. ENISA states that both the transportation and energy sectors have been impacted by cybercrime attacks. An example that the document expands on is the attack on the Colonial Pipeline by the ransomware group Darkside, which impacted both the IT network and ICS operations [1]. To successfully design and maintain a security system, one must have a high level of awareness of not only one's own threat landscape, but the threat landscape of others as well. The information included in this document can be useful to anyone wishing to increase their overall knowledge and awareness of current cybercrime threats.

InformationWeek Article Discusses Key Elements to OT Security Success

InformationWeek published “key to defending operational technology” by Ken Yee. The article recommends replacing old legacy OT systems, creating an enforceable policy, and prioritizing investment in cybersecurity. Overall, Yee emphasizes that collaboration across multiple layers of cybersecurity is the true key to minimizing the detrimental uncertainty that OT systems face [1]. While the items discussed by Yee have largely been repeated for years, the fact that a publication such as InformationWeek, which reaches mainstream IT practitioners, is dedicating space to cover them is indicative of growing awareness.

Skybox Report on OT Security

Skybox Security produced a research report on OT cybersecurity risk and how it is drastically underestimated. This report covers key elements that play a role in the lack of OT cybersecurity. A portion covers the risks associated with third-party relationships. The report states that the network access third parties are granted, as well as the lack of monitoring and trust, should be concerning for most companies [1]. This report is similar to many others that cover the obvious lack of security in place in most OT environments. Although much of this material may be review, it still increases overall awareness and can offer a new perspective.

NAES and ABS Consulting Offer Combined Industrial Cybersecurity Solutions

One of the energy industry’s largest independent services companies, NAES, announced a partnership with ABS Consulting, a leading global risk management and cybersecurity services company. Combining ABS’ risk management and cybersecurity skills with NAES’ maintenance and engineering experience, the companies plan to exceed the requirements of North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and satisfy the individual needs of their future customers [1]. The partnership of major players like NAES and ABS Consulting against the advanced persistent threats targeting critical infrastructure is the latest in a series of teaming announcements, highlighting the importance of collaborative approaches.

Staying Vigilant Through the Holidays

The FBI and CISA are reminding critical infrastructure operators to remain vigilant through the holidays and weekends. The article states that APTs could likely strike at this time, given that the majority of employees are not working. They recommend reviewing both the incident response plans and communication plans for those physically away from the company [1]. We have seen that APTs are more likely to attack at times when there are fewer employees at work, such as weekends and holidays. With this in mind, critical infrastructure operators should review their incident response plans for the upcoming holidays to ensure the best plan of action is taken in case of an incident. Below are some sources for supplemental guidance [2, 3].
