With the ever changing threats
posed by cyber events of any nature, it has become critical to recognize
these emerging threats, malicious or not, and identify the consequences
these threats may have on the operation of an industrial control system
(ICS). Cyber-attacks over time have the ability to take on many forms
and threaten not only industrial but also national security.
Saudi Aramco, the world’s largest exporter of crude oil, serves as a
perfect example depicting how devastating a cyber-attack can truly be on
an industrial manufacturer. In August 2012, Saudi Aramco (SA) had
30,000 personal computers on its network infected by a malware attack
better known as the “Shamoon” virus. According to InformationWeek
Security this was roughly 75 percent of the company’s workstations and
took 10 days to complete clean-up efforts.
The seriousness of cyber-attacks in regards to national security was
addressed by former United States Secretary of Defense Leon W. Panetta
in his speech on October 2012. Panetta issued a strong warning to
business executives about cybersecurity as it relates to national
security.” A cyber-attack perpetrated by nation states [and] violent
extremists groups could be as destructive as the terrorist attack on
9/11. Such a destructive cyber-terrorist attack could virtually paralyze
the nation,” he stated. “For example, we know that foreign cyber actors
are probing America’s critical infrastructure networks. They are
targeting the computer control systems that operate chemical,
electricity and water plants and those that guide transportation
throughout this country.”
In addition to Panetta’s address, the U.S. Department of Homeland
Security has issued several alerts about coordinated attacks on gas
pipeline operators, according to a May 2012 report by ABC News.
This whitepaper will focus on the significance of cyber-attacks on
industrial control systems (ICS) and how these attacks can be prevented
by proper practice of the ICS Cybersecurity lifecycle.