According to American media, unidentified hackers recently breached at least one piece of US critical infrastructure. “Since May, hackers have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities.” (The New York Times, July 6th)
“Today we see more attacks on ICS, industrial control systems, and SCADA systems”, says Robert McArdle, EMEA Threat Research Lead at Trend Micro.
To illustrate how it’s done, Robert McArdle refers to the Belgian company NVISO. In Belgium, NVISO found at least nine ICS devices or automation devices on the internet with no identification whatsoever: heating systems, building automation systems, home automation systems, ventilation, ... “None of these are critical national infrastructure. But trust me, almost every country that we look at has a critical infrastructure online in a way that it is accessible to an attack”, says Robert.
Defending against... humans
But we’re not defending against code; we’re defending against humans who use malware as a tool. That’s a lot trickier to do, and it is even more true in the case of a targeted attack. This is very important. These attackers have learnt to excel over the years and will always gain access to systems (cloud, server or endpoint).
Most important to remember: “Don’t think of keeping them out, always remember they are probably already in.”
To learn more, watch the presentation of Robert McArdle, EMEA Threat Research Lead at Trend Micro.
Also check the blog and presentation of Robert McArdle on the impact of ransomware.