Wednesday, March 17, 2010

Cybersecurity: Utilities are Contested Territories - Fact or Hype?

SANS Director Alan Paller's recent EnergyBiz opinion piece, "Utilities are Contested Territories," presents illuminating facts driving Advanced Persistent Threat (APT) cybersecurity concerns in utility settings.
  • The FBI reeled in 31 major utility executives for some forensic-grade calibration on how their systems have been unknowingly compromised over extended time frames.
  • The attacks, also affecting other areas of government and major businesses, are nation-state level in sophistication and persistence.
  • Weaponized email is the current preferred technique facilitating ongoing waves of attacks.
  • Key defenses were determined insufficient to prevent, detect, deter, and recover from the attacks.
The article goes on to assert that more advanced utilities have learned to operate on the underlying assumption that they do not have complete control of their systems. Many of these organizations are said to have deployed an unprecedented level of additional defensive measures to help manage APT risks (extensive encryption, access controls, monitoring, etc.).

A preview, request-only SANS Webcast delving into this topic is scheduled ahead of the upcoming 2010 SCADA and Process Control Summit (March 24th - April 1st).

Hurry if you're interested in catching this free, one-time, by-request-only webcast:

The Summit's optional workshops (provided by DHS, INL, NERC) include a very interesting new full-day offering: