Case studies and solutions for energy cyber security
We are pleased to publish links and white papers from solutions providers. These are sponsored to help cover our costs but selected because of their genuine interest and application to the energy sector.
A New Approach to Classifying OT Attacks
Cyber incident reporting in SCADA systems gives us invaluable insight into the burgeoning threat landscape. Incident case reports help the security community understand what threats we face and thus enable organisations to establish a robust defence strategy. In recent years, there has been an increase in cyber security awareness and the adoption of detection tools. As a consequence, the number of reported incidents and campaigns targeting SCADA networks has increased. In this white paper, Radiflow dives into several highly publicised security incidents over the past 10 years, such as the Triton and Ukraine electricity blackout incidents.
Radiflow believes that the next step in risk analysis for critical infrastructure operators and industrial firms is determining the impact of disclosed vulnerabilities. This should be carried out based on the context of the firm's OT network and business logic related to relevant attacker models.
Experts argue there are issues with existing classification methods. NIST and ICS-CERT, the two major vulnerability disclosure organisations, use scoring standards for assessing security flaws with a bias toward IT networks.
Radiflow’s new white paper discusses this in detail: Meet Your Attacker – Taxonomy and Analysis of a SCADA Attacker.
BAE Systems can help energy organisations to be:
- Safe - by assuring the integrity of operational safety systems
- Aware - by supplying you with market-leading intelligence on the threats that face you and your industry, as well as technology/systems that will monitor your networks and detect active cyber threats against you
- Prepared - by helping you to plan for the eventuality of a cyber attack, and ensuring you have processes in place to recover from it when it occurs
- Secure - by protecting data, systems availability, operations, plants and operating infrastructures through the provision of powerful cyber defences
- Competitive and efficient - by enabling visibility of data and intelligence across the enterprise and in converging IT with the OT (Operational Technology) of industrial systems so you can make informed, risk-based decisions promoting growth and maintaining your competitive advantage.
Protect Critical Infrastructure from Supply Chain Attacks
Utility asset owners trust their vendors to supply valid patches and updates – but that trust can be exploited. If attackers can get counterfeit files into the hands of unwitting technicians, they can bypass traditional security measures and gain access to critical systems. Increasingly, attackers are targeting weaknesses in supply chain security to insert and distribute dangerous software.
aDolus provides a platform called FACT™ (Framework for Analysis and Coordinated Trust) for brokering information about software/firmware for critical infrastructure to help energy companies determine if updates are safe to install. FACT aggregates information from vendors, asset owners, system integrators, consultants, and security researchers to build a “FACT score” of trustworthiness. We drill down into packages to detect hidden sub-components, inspect certificate chains, validate versions and provide an authoritative and exhaustive report on all that is known about any given file.
Like a FICO credit score, FACT makes it quick and easy to make critical installation decisions and ensure governance of security processes.