Kevin Wilkins CISSP – Chief Technology Officer

I ran into this one while reading the daily rags.

They mention security fundamentals and a security standard (ISA/IEC-62443, formerly ISA-99) targeted to Industrial Automation and Control Systems (IACS)/SCADA.

They also mentioned a watering hole attack in which equipment vendor websites are hacked and then seeded with malware. Perhaps it was set up as a drive-by, perhaps documentation was replaced by copies containing embedded exploits, maybe hackers replaced firmware and control applications with packed malware.

If they did it right, everything would still work.  For a while.

I’d bet these vendor websites are allowed in the firewall, even if nothing else is.  And there is a feeling of trust and comfort – the plant engineers probably go there frequently as part of their day-to-day tasks.

Maybe we won’t all die as long as vendors maintain a high level of security diligence with their published product.  Plant operators must also maintain strict air-gaps and only introduce things into production that have been run through tests and simulations in a lab environment.  Too much to ask?

I didn’t read the Power Grid section yet.  It was a dark and stormy night.