Title: Protecting Critical Infrastructure from Cyber-attacks
Presenter: Tom Kellermann, Vice President of Security Awareness
Date: May 11, 2010 at 9:45am
Location: Johns Hopkins University Montgomery County Campus, Building 3
Link to Event: http://marylandinfragard.eventbrite.com/
Overview:
The U.S. electrical grid and financial markets have long maintained an acceptable level of engineered resilience in the physical sense, but the continued introduction of IT-based control systems and Internet-based technologies have introduced an entirely new and hazardous opportunity for remote cyber-attacks to be carried out against our critical infrastructures.
The business continuity and resiliency movement following 9/11 has exacerbated the cyber-security posture of these assets via the addition of remote backup data centers, increase in remote users and the use of wireless technologies – dramatically increasing the number of avenues by which hackers can now access these once closed systems.
When one discusses the various breeds of cyber-threats that might affect our national infrastructure, the most common perception is that denial-of-service attacks are the biggest concern, but the truth is that type of threat, while ominous, is arguably superseded by the potential for attacks that could turn infrastructure control systems against themselves or manipulate financial markets.
If organizations in the critical infrastructure space are truly serious about meeting their existing mandate to improve IT security from industry regulators and want to understand the most effective manner of rapidly improving their ability to prevent attacks, they must take on the role of an outsider and actively probe their own weaknesses to prioritize risks. Understanding how these systems can manipulated by remote adversaries is paramount to managing the operational risk in today’s hostile digital world.
