Author: Michael Pyle Schneider Electric Blog
When power grids, water networks and gas utility systems are targeted by cyberattacks, systems that are essential to our everyday lives are affected. While the damage potential due to external attack sources is alarming, insider threats also exist and constitute an attack vector that is difficult to monitor and control.
Sources of insider threats can include current and former employees, partners, vendors or anyone else who at one time was granted access to proprietary or confidential information from within the organization. Although not all of these insider attacks are intentional, any such attack on an OT (Operational Technology) system can result in loss of data / trade secrets, equipment damage, lost revenues, and even personal injury.
Motivation for such attacks includes financial gain, political ideology, a desire for recognition or public attention, fanatical loyalty to country, or a simple act of revenge. Unfortunately, many infrastructure organizations today have yet to implement proactive security controls to monitor areas that govern unauthorized access.
How key infrastructure systems can be affected
Consider how these threats can manifest themselves on industrial control systems. An individual with an engineering background and insider knowledge of electric transmission or distribution systems could induce blackouts or destroy equipment. In a publicly released intelligence note from the US Department of Homeland Security, officials caution that “violent extremists have, in fact, obtained insider positions,” and that “outsiders have attempted to solicit utility-sector employees” for damaging physical and cyberattacks.
That same Homeland Security Office of Intelligence and Analysis report points out that water systems and natural gas infrastructures are also at risk. In 2011, a lone water treatment plant employee is alleged to have shut down operating systems at a US wastewater utility, in an attempt to cause a sewage backup for the purpose of damaging equipment and creating a buildup of methane gas. Fortunately, automated safety features prevented the methane buildup and alerted authorities who apprehended the employee without incident. Another employee, recently fired from a US natural gas company, allegedly broke into a monitoring station of his former employer and closed a valve, disrupting gas service to nearly 3,000 customers.
Three precautions for reducing risk
Protection against insider threats requires an organization to first adapt a paradigm of deterrence as opposed to detection. Detection, which is a common tool in combatting external cyberattacks, can, in the case of an insider threat, sometimes occur long after the threat has been executed, resulting in business disruption losses. Deterrence is strengthened when the following three strategies are executed:
A best practice to counteract these insider threats, is to conduct a mandatory training program for all employees. Proper training will assist employees in recognizing and flagging possible trigger behaviors (introversion, intolerance of criticism, lack of empathy, reduced loyalty, excessive greed, to name a few) that may be demonstrated by high risk individuals.
To learn more about how Schneider Electric security experts can help you to lower the risk of potential insider cyberattacks, download the “Strategies for Recognizing and Preventing Insider Attacks on Industrial Control Systems” white paper.
Author: Tom's Hardware Le batterie a litio-ferro-fosfato (LFP) rappresentano una soluzione efficace per automobili di…
Author: GAMEmag Prosegue la serie di licenziamenti che hanno contraddistinto il 2024 come l'anno peggiore…
Author: IlSoftware Kyutai è il primo laboratorio di ricerca indipendente sull’intelligenza artificiale in Europa, inaugurato…
Author: Hardware Upgrade Il pericolo principale del mondo informatico? Secondo Cohesity è il ransomware, che…
Author: klatsch-tratsch Brad Pitt war am Donnerstag der Star von Silverstone. (jom/spot)Imago Images/PanoramiC / Imago…
Author: Stars Online A Travessia Global Ocean Cascais 2024 decorreu na Baía de Cascais, atraindo…