Cyber attacks targeting industrial control systems are on the rise, according to a US government cybersecurity official. Crucially, a rise in the number of attacks that succeed in penetrating these industrial systems are also on the rise, compared to last year.
Industrial control systems are basically computers that have control over operations in an industrial process. This is common for any large-scale industry, from a brewery to a potato chips factory and even energy plants. The reason they’re vulnerable to successful penetrating attacks is because they are connected to the internet, according to a report by Reuters.
Marty Edwards, head of the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, also known as ICS-CERT, says his department is seeing “more and more” attacks that are penetrating security measures to gain access to that “control system layer.”
ICS-CERT is tasked to help US companies and firms investigate suspected cyber attacks on corporate networks as well as industrial control systems.
The recent incident of a Ukrainian power outage finding its origins from a cyber attack triggered from Russia has the cybersecurity industry actively looking into critical infrastructure security.
For instance, some experts who were among 300 critical infrastructure security specialists at the S4 conference in Miami noted that the power outage via a cyberattack in Ukraine now has US companies posing questions if their own systems are vulnerable to such attacks.
Edwards sees direct internet connectivity for industrial control systems is the culprit.
I am very dismayed at the accessibility of some of these attacks…they’re just hanging right off the tubes,” he stated during the conference.
Another critical infrastructure analyst, Sean McBride said the increase in cyber attacks may come from an increased awareness over the risks of cyberattacks. Essentially, he claims that malware operators and authors are finding new ways to come up with disruptive malware and other infections.
He further added that the intent of these attacks, which come without demands, are still unknown.
In an alert issued this week, ICS-CERT said that the malware that struck the power installation in Ukraine was identified as BlackEnergy 3. The same variant, according to the Response Team had previously infected some critical infrastructure operations in the US.
Image credit: Wikimedia.