Corporate sector star wars
The recent trend in power generation resources moving from very large facilities to a number of smaller ones does not have an impact on the magnitude of the threat. “Taking down generation would have a bigger impact than distribution, for instance, it’s not something that can be done easily.” “Each of these segments has its own characteristics,” Stirparo said. In terms of the threat environment, there are three operational segments within the utility industry: generation, transmission and distribution. Of those 15 active AGs, 11 of them are targeting utilities, and two of those possess enough ICS-specific capabilities and tools to cause disruptive events, Stirparo said. These attributes combine to create a construct around which defensive plans can be built,” the report states. The goal … is to delineate an adversary by their observed actions, capabilities and demonstrated impact-not implied or assumed intentions. An activity group (AG) is identified “based on observable elements that include an adversary’s methods of operation, infrastructure used to execute actions and the targets they focus on. “Always it was a disguised conversation … As of August 16, at least 150 electric utilities serving almost 90 million Americans have adopted or committed to adopting technologies” to improve security.ĭragos currently is tracking 15 “activity groups” of hostile or potentially hostile actors, said Pasquale Stirparo, principal adversary hunter at Dragos and author of the report. “This is one of the things that caught me off guard: It’s the first time I’ve seen an administration call out OT systems” for improved security, he said.
It’s a positive development that the government recognizes the fact that future threats will be based on the growing connectivity between ICS and the internet, he said. He commended the Biden administration for releasing a 100-day plan in April specifically aimed at strengthening the security of utilities’ ICS and the energy sector supply chain. Oftentimes, security is left in the lurch.”
Corporate sector star wars how to#
now it’s blending itself into more edge cases, the cloud, for instance, or how to get more data into our networks. “It’s all for business cases-to get real-time data, and to be able to send it back to the operators. The trend “comes with business justifications,” Christopher said. Historically, utilities’ ICS were “islanded,” said Jason Christopher, principal cyber risk adviser at Dragos, but over time the connections to the internet have been growing. Those are two of the high-level conclusions of a new report, “Global Electric Cyber Threat Perspective,” released by Dragos Inc., a Maryland company that specializes in industrial cybersecurity. Utilities worldwide have been strengthening their security against threats to their IT networks but have not paid enough attention to their industrial control systems (ICS) and operational technology (OT) systems. The global electric utility sector is facing an increasingly dangerous cyberthreat landscape, even though there hasn’t been a publicly witnessed disruptive attack over the past five years.