Attacks on critical infrastructure The explosion of the Soviet gas pipeline in 1982 was one of the first well-known instances of critical infrastructure being targeted through a software modification that contained a hidden malfunction. In this instance, the Soviets were stealing Western technology and the CIA slipped the flawed software to them without their knowledge. While the explosion itself didn’t cause any fatalities, it did cause some damage to the Soviet economy as per Washinton Post. With the intensification of hybrid warfare, we have seen multiple attacks on ICS-based critical infrastructure in Europe and the Middle East. These attacks were designed not just to destabilize the systems but also to cause a major kinetic impact. No systems or assets are out of bounds today. State-backed actors from countries like North Korea are not just after technology and revenue but also act as conduits for other countries to infiltrate the critical infrastructure of their adversary nations. Read more: Buyers guide to OT/ICS cybersecurity solutions A case study In a recent instance, Sectrio’s Asset Research Team uncovered an anomaly in hardware supplied to a critical infrastructure operator. In this instance, same OEM supplied was supposed to supply the same hardware to two divisions of the same business. However, the hardware supplied to one entity, when examined, showed a deviation that was found to enable a backdoor communication with an obscure server using a now obsolete protocol that was sparingly used in the 90s. The OEM in this case claimed that the anomaly was a generational remnant from an old version. How it made its way to only one piece of hardware and not the other is a question that was not answered to our satisfaction. The hardware belonged to the same batch and even had sequential serial numbers adding to the mystery. This could be a genuine error but it is an error that could potentially be exploited by a bad actor. Supply chain challenges As the Lebanon episode clearly showed, OEMs now have to ensure the integrity of their hardware well beyond their shop floors. ICS/OT operators should also watch out for anomalous behaviors and risky interactions that could jeopardize operations and plant safety levels. One way of offsetting these challenges is to ensure the systems undergo Security Acceptance Tests (SAT) along with Factory Acceptance Tests (FAT). This will ensure the integrity of the assets and call out any security is
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: