Last month, the US government’s Cybersecurity and Infrastructure Security Agency (CISA) released two significant warnings. The first of these detailed how APT Cyber Tools were reported to be targeting ICS/SCADA Devices, while the second warned of a specific type of Malware – namely, Pipedream – aimed at Industrial Control Systems.
These kinds of ominous directives from CISA relate directly to a recent Whitepaper from Cerberus Sentinel regarding the Water Sector, and Tackling IT-Security Fundamentals. The water sector has long been a target for hackers hoping to take advantage of the rapid digital transformation it has undertaken, with the water supply of Oldsmar in Florida suffering an attempted compromise from a hacker last year. With specific malwares and APT groups’ being mentioned by Federal agencies as real, credible and potentially nation-state tied threats to ICS, including the water sector, the white paper could not be more timely.
During the course of the paper the Cerberus team cover the following areas of protecting the water sector from the increasing threat:
- How modernization and digital transformation have left the water industry more vulnerable than ever to cyber incidents
- The 15 fundamental controls to embed into an IT security policy which need to be covered by in order to mitigate the associated risks
- The practical components for assessing risk and sharing threat information.
“The geopolitical instability we are all living through, and the associated waves of nation-state backed, or affiliated cybercrime taking aim at America’s core industrial infrastructure is not a problem that is going away anytime soon, and has been with us for some time,” said David Jemmett, CEO at Cerberus Sentinel. “The water sector is amongst the most important areas of ICS we have as a nation, and it is crucial that the industry has access to the available resources to both understand the scale of the problem, and the associated necessary scale of the response: Cybersecurity is ultimately a culture, not a product, and this needs to be understood if we are to keep our economy, infrastructure and freedom sacrosanct in this age of instability.”