According to a threat report by industrial cybersecurity firm Dragos, cybersecurity risks to the safe and reliable operation of industrial control systems (ICS) have never been greater.
Industrial control system is a general term used to describe the integration of hardware and software with network connectivity in order to support critical infrastructure. ICS technologies include, but are not limited to, supervisory control and data acquisition (SCADA) and distributed control systems (DCS), industrial automation and control systems (IACS), programmable logic controllers (PLCs), programmable automation controllers (PACs), remote terminal units (RTUs), control servers, intelligent electronic devices (IEDs) and sensors.
Wormable ransomware such as WannaCry and NotPetya gave notice to ICS owners and operators that industrial networks are far more connected to the IT environment than many realized.
Before 2017, only three families of ICS-specific malware were known, which were Stuxnet, BlackEnergy and Havex, but in the past year, two new ICS-specific malware samples were discovered – Trisis and CrashOverride.
CrashOverride was the first malware to specifically target and disrupt electricity grid operations and led to operational outages in Kiev, Ukraine in 2016, although it was not definitively discovered until 2017.
Trisis was the first malware to specifically target and disrupt safety instrumented systems (SIS) that are designed to avoid dangerous situations, and is the first malware ever to specifically target, or accept as a potential consequence, the loss of human life, the report said.
By targeting SIS, an adversary can achieve multiple, potentially dangerous impacts, ranging from extensive physical system downtime to false safety alarms, physical damage and destruction.
Cybersecurity professionals believe the upswing in cyber attacks on Industrial Control Systems is due in large part to the connectivity trend as part of the Internet of Things (IoT) movement. Reaching out to other devices has made ICS more vulnerable.
Obviously, organizations using an ICS need to shore up their cybersecurity. However, there are challenges such as accurately assessing risk management. Studies indicate many organizations do not know if they are running the software containing the flaws attackers are exploiting.
Another challenge in securing ICS is that IT departments and IT security teams are not always involved in ICS procurement, installation and maintenance. This can leave IT in the dark about what control systems are being used and where – and there is seldom a reliable inventory.
Industrial Control System Cybersecurity Seminars
Tonex offers ICS Cybersecurity Training, a 4-day course that is designed for security professionals and control system engineers in order to provide them with advanced cybersecurity skills and knowledge in order to protect the Industrial Control System (ICS) and keep their industrial operation environment secure against cyber threats.
Tonex also offers a related course, Industrial Control System (ICS) and SCADA Cybersecurity Training, a 3-day class designed by our professionals in cybersecurity and power system area to use standard cybersecurity approaches that can be implemented to ICS and SCADA which will last for long period of time.
Who Should Attend
- Control engineers, integrators and architects
- System administrators, engineers who secure ICS
- Information Technology (IT) professionals who administer, patch or secure ICS
- Security Consultants who perform security assessment and penetration testing of ICS
- Managers who are responsible for ICS
- Researchers and analysts working on ICS security
- Information technology professionals, security engineers, security analysts, policy analysts
- Investors and contractors who plan to make investments in ICS
- Technicians, operators, and maintenance personnel who are or will be working on ICS Cybersecurity projects
–So far we have helped over 20,000 developers in over 50 countries stay up to date with cutting edge information from our training categories.
–Tonex and its instructors are recognized as leaders in the security industry.
–Ratings tabulated from student feedback post-course evaluations show an amazing 98 percent satisfaction score.
Contact us for more information, questions.