Cybersecurity
Article

NSA & CISA Continues to Expand ICS Cybersecurity Efforts

by
Dynics
November 4, 2022
Download PDF
Get Unlimited Access

You are puchasing a Digital Access Subscription. You will be automatically charged $9.99 every 28 days for one year. Your subscription will continue until you cancel. By subscribing, you are accepting the Automation Alley Terms of Service, Privacy Policy, and Terms of Sale.

SubscribeBecome a Member

Summary

The building anticipation of cyberthreats has organizations like the CISA issuing new guidelines. Automation Alley member Dynics says that while the best paths forward are sorted out, the fact that agencies are taking the initiative to assist ICS cybersecurity is still significant. “I applaud the intent, and anything we can do to mix it up and make it harder for an adversary to compromise an OT system is not to be discarded out of hand,” says Dynics CTO Jeff Smith.

In a recent announcement, the Ukrainian government revealed that it is once again preparing for “massive cyberattacks” that it fears Russian hackers will carry out on critical infrastructure facilities. They also shared their concern for institutions located in allied countries, including Poland and the Baltic States. The target at the top of the list is likely the energy sector considering past breaches of such systems in 2015 and 2016.

NSA AND CISA ADDRESS BUILDING ICS CYBERSECURITY RISK

The building anticipation of this threat has organizations like the CISA issuing guides on topics such as “indicators of compromise,” according to Security Week. Alongside NSA, the CISA has also detailed the 5-step approach that malicious actors typically take when looking to take control of ICS systems, which CSO outlines. The list includes establishing a target that best suits intent, collecting intelligence, putting together the proper techniques, gaining access and, ultimately, carrying out the method of attack.  

Additionally, the joint advisory published measures that security professionals can implement in order to avoid having operations compromised even. With recommendations for each stage of the process provided above, best practices mentioned consist of actions like limiting system information exposure, locating and shielding points of remote access, restricting tools and scripts, conducting security audits and implementing a dynamic network environment. Importantly, Bleeping Computer points out that these procedures take into account the fact that not all operators have access to advanced cybersecurity resources.

Read more here.

Dynics
Dynics

DYNICS traces its beginnings to 1988 with the founding of Ann Arbor Technologies. Established in 1997, DYNICS has 20 years of experience creating quality industrial hardware, data acquisition and visualization software, along with OT Cybersecurity solutions for the industrial marketplace. Dynics proudly designs and builds industrial hardware in our state-of-the-art manufacturing facilities in the United States, and develops software and OT cybersecurity solutions from our headquarters in Ann Arbor, Michigan. Our products are proudly MADE IN AMERICA.

Related
Become a Member