Kevin Wilkins CISSP – Chief Technology Officer
I ran into this one while reading the daily rags.
They mention security fundamentals and a security standard (ISA/IEC-62443, formerly ISA-99) targeted to Industrial Automation and Control Systems (IACS)/SCADA.
They also mentioned a watering hole attack where equipment vendor websites are hacked and then seeded with malware. Perhaps it was set up as a drive-by, perhaps documentation was replaced by copies containing embedded exploits, maybe hackers replaced firmware and control applications with packed malware.
If they did it right, everything would still work. For a while.
I’d bet these vendor websites are allowed in the firewall, even if nothing else is. And there is a feeling of trust and comfort – the plant engineers probably go there frequently as part of their day-to-day tasks.
Maybe we won’t all die as long as vendors maintain a high level of security diligence with their published product. Plant operators must also maintain strict air-gaps and only introduce things into production that have been run through tests and simulations in a lab environment. Too much to ask?
I didn’t read the Power Grid section yet. It was a dark and stormy night.