Cybersecurity: Utilities are Contested Territories - Fact or Hype?

SANS Director Allan Paller's recent EnergyBiz opinion piece Utilities are Contested Territories presents illuminating facts driving Advanced Persistent Threat (APT) cybersecurity concerns in utility settings.

• The FBI reeled in 31 major utility executives for some forensic-grade calibration on how their systems have been unknowingly compromised over extended time frames.
• The attacks, also affecting other areas of government and major businesses, are nation-state level in sophistication and persistence.
• Weaponized email is the current preferred technique facilitating ongoing waves of attacks.
• Key defenses were determined insufficient to prevent, detect, deter, and recover from the attacks.

The article goes on to assert that more advanced utilities have learned to treat their environments as though they do not have complete control of their systems as an underlying assumption. Many of these organizations are stated to have an unprecedented level of additional defensive measures now deployed to help manage APT risks (extensive encryption, access controls, monitoring, etc).

A preview, request-only SANS Webcast delving into this topic is scheduled ahead of upcoming 2010 SCADA and Process Control Summit (March 24th - April 1st).

Hurry if you're interested in catching this free, one-time, by request only webcast:

• Exclusive Webcast: Digging Deeper Into The Advanced Persistent Threat March 19, 2010 1:30pm EDT

The Summit's optional workshops (provided by DHS, INL NERC) include a very interesting new full day offering:

• NERC Cyber Risk Preparedness Assessment for the BPS Asset Owners and Operators
  This Summit workshop on April 1st should be of particular interest for utilities further developing cyber security exercises. Will cover useful scenarios to learn from and apply
  - “Each entity will be provided an exercise development kit” -