Industrial-Control-Systems

Introduction ⭐ >Who are these adversaries? They may be competitors, criminals, spies, unhappy employees, terrorists, or troublemakers. They may be motivated by money, revenge, or political beliefs, to name a few. There are numerous ways adversaries collect information. Some of the more common methods include social engineering, phishing, accidental disclosure, googling, and dumpster diving. These methods are described over the next few pages followed by some basic countermeasures. Social Engineering👪 Social engineering is a collection of techniques used to manipulate people into revealing sensitive or other critical information. Those who engage in social engineering rely on the humans’ natural tendency to trust. In fact, it’s often easier for an adversary to obtain information by simply asking the right questions than using technical hacking methods. Social engineering is sometimes conducted by phone. The caller may pretend to be someone in a position of authority or a telephone or computer technician, gradually pulling information out of the targeted person. Often the adversary will call several employees and piece together enough information to launch an attack. Help desk employees are often targeted by an adversary because they’re trained to be friendly and provide information. Social engineering can also occur through online social forums, at professional conferences, and at non-work social events, to name a few examples. The first objective of an adversary attempting social engineering is to convince you that they are in fact a person that you can trust with critical information. Phishing Phishing scams may be the most common types of social engineering attacks used today. Most phishing scams demonstrate the following characteristics: ...

Cybersecurity Practices Incorporating cybersecurity practices into your daily life can prevent the disclosure of critical information (CI) to potential adversaries. If you’re thinking, “But I work in a control system environment; control systems don’t store CI,” then consider our definition of CI: Information that if disclosed would have a negative impact on an organization. It includes not only trade secrets and technical specs, but also sensitive information such as the process used by systems(e.g., commands and access points), financial data, personnel records and medical information. ...

Learning Objectives As some of you may be aware, solid cybersecurity practices have a broad impact. It’s critical to include as many solid risk mitigation strategy as feasible into your daily routine. Cybersecurity methods are used in a variety of professions and situations, as well as in your personal life. Focus on the few things like Describe cybersecurity practices and why they are important. Describe common information-collection techniques and how to protect yourself from them. ...

Introduction What is and is not allowed in a secured area, such as a control system environment, varies from organization to organization. This section will cover some of the most common equipment do’s and don’ts. Computers💻 In many control system environments, computers that are not needed for control system operations are not allowed in the control room. One reason for this is that email, websites, and files from home are common sources of malware(viruses,Trojan horses spyware). ...

Introduction Some real-life examples of poor information protection😝 SONY 2011/2014 Sony was attacked in April 2011 and then again in December 2014. They failed to implement recommended security controls. The biggest mistake Sony made that led to the PSN hacks was its organizational complexity and a lack of proper security support at the board level. It was found Sony’s data was being stored in an unencrypted format and they had also failed to use firewalls to protect networks. They were also caught using obsolete web applications. Sony said in 2011 that they were going to increase their security, but they never did. 1. PlayStation Network Finally Allows Name Changes, First One’s Free 2. Sony Has Sold Half of Its Spotify Shares 3. Case Study: Critical Controls that Sony Should Have Implemented J.P. MORGAN 2014 In the spring of 2014, hackers stole the login credentials for one of the employees at J.P. Morgan Chase, a leading global financial services firm. Those attackers then exploited an oversight–the bank’s security had forgotten to implement two-step verification (2SV) on one of the network servers–to gain access to J.P. Morgan Chase’s corporate network. ...