"In our "Q2/Q3 Ransomware Index Update," Securin (formerly Cyber Security Works) researchers mapped out the impact of ransomware on industrial control systems (ICS) deployed in critical infrastructure establishments. They identified the three most at-risk sectors: healthcare, energy, and manufacturing. Our researchers also examined 16 ransomware vulnerabilities and the bad actors who exploit them, such as Ryuk, Conti, WannaCry, and Petya. We have included a table at the end of the article with the full list of vulnerabilities and impacted vendors.

With each successful attack, ransomware groups grow bolder and target industries that can cause the most pain to exploit the crises for maximum extortion. Understanding the threat actors and their methods is the key to protecting critical industries and maintaining smooth operations. #infrastructure #healthcare #cybersecurity #energy #manufacturing #industries #industrialsecurity #malware #ransomware

https://www.darkreading.com/ics-ot/ransomware-s-favorite-target-critical-infrastructure-and-its-industrial-control-systems

Dale Petersen: "Resilient and it's derivatives appears 8 times in the short fact sheet and 68 times in the 35-page strategy document. Despite this wise focus on resilience, there are no objectives or approaches or actions suggested related to the critical infrastructure being able to function at some minimal required level in some time period after a cyber incident.

Acting NCD Walden tees it up well in a speech at CSIS:

Resilience meaning that when defenses fail, which they sometimes will, the consequences are not catastrophic and recovery is seamless and swift. Cyber incidents shouldn't have systemic, real world impacts.

And then nothing in the strategy to address an attack that succeeds, "which they sometimes will", not having an unacceptable consequence? Baffling. How can this be one of the three main items in the executive summary, and the strategy have no actions related to this?

The real question though is what would have happened if the ICS that monitored and controlled Colonial's pipelines was down for 2 weeks or 2 months or 1 year. How would we have delivered gasoline and jet fuel if that ICS was not available, or needed to be completely rebuilt? I've been hoping the government is focused on that. Since it is nowhere in the strategy it appears they are not. It's not easy facing these terrible possible situations, and saying they are a potential reality that we have to plan for and be prepared to live through.

One big part of the National Cyber Strategy should be the ability to continue on in the event a cyber attack succeeds. It's difficult for any one company or even an industry consortium to do because it is more than a business risk, it is a societal risk. " #business #strategy #infrastructure #cyber #cybersecurity #cyberattack #criticalinfrastructure #industrialsecurity

https://www.linkedin.com/pulse/big-miss-national-cybersecurity-strategy-dale-peterson/

For those in the #industrialsecurity world and watching for new advisories, #CISA released four Industrial Control Systems Advisories:
- ICSA-23-017-01 GE Proficy Historian
- ICSA-23-017-02 Mitsubishi Electric MELSEC iQ-F, iQ-R Series
- ICSA-23-017-03 Siemens SINEC INS
- ICSA-22-347-03 Contec CONPROSYS HMI System (CHS) (Update A)

https://www.cisa.gov/uscert/ncas/current-activity/2023/01/17/cisa-releases-four-industrial-control-systems-advisories | #CriticalInfrastucture

This water treatment plant for a town I'm working on has never had locked doors... I mean come on really. (I'm authorized to be here)
#security #infosec #informationsecurity #industrialsecurity