Operators of critical infrastructure and manufacturing in the US have received a warning from the FBI and Homeland Security Department about cyber criminals targeting them. The cyber-attacks have been limited to administrative and business networks, but are ongoing. Edgard Capdevielle, CEO at Nozomi Networks, commented below.
Edgard Capdevielle, CEO at Nozomi Networks:
“Targeting engineers with phishing messages is pretty straightforward and, if successful, could be extremely damaging. In tandem, while air-gapping offered a degree of protection, the way our nuclear plants, and any infrastructure for that matter, is maintained today means this practice is defunct. We often see engineers ‘plugging’ in their own devices to perform diagnostic checks. Should that person’s device have been compromised, this action could unleash malware directly into the heart of each component being checked, which then crawls and burrows deeper into the infrastructure. Plant managers need to be able to identify and close down anomalous behavior before damage is done. Advanced monitoring and anomaly detection solutions provide actionable intelligence that enables them to identify intrusions and take immediate steps to ensure uptime and resilience of their critical operational technology (OT) environments.”