Assessment and Threats: Protecting Your Company from Cyber Attacks
Now, it’s time to start protecting your company.
The first step? ASSESSMENT
In our first presentation, you learned about the history of cyber attacks and how recent
escalation shows that businesses in industrial control infrastructure must take action.
Before you can close security gaps in your control systems, you must
develop a baseline of operations.
You have to find problems before you can fix them.
Any good assessment begins with an inventory.
A physical walk-down of your networks and devices should be the first step of any
Look at your network platforms and ask yourself:
• What versions are being used?
• Are they up to date?
• Are they patched?
• Are they still supported by the operating system vendors or the actual control
Look at your devices and controls and ask yourself:
• What do I have, and are they updated
• If they are not updated, are they protected?
• What are they protected by?
• Is someone paying attention to and analyzing the logs the security system
Beyond physical examination, you can also use analytical
techniques to evaluate how vulnerable your systems are.
By PENETRATION TESTING, you can simulate an attack from internal or external
sources in order to evaluate your network.
Through a VULNERABILITIES ASSESSMENT, you can find, evaluate, and in some cases,
rank the risks in a system.
After inventory comes monitoring.
You must be cognizant of device interconnectivity when installing securing devices,
such as HMIs, PLCs and all SCADA-driven devices. And they need to be consistently
monitored to protect against the many different types of threats that exist in today’s
think of viruses. But
in cyber space,
takes many forms…
TYPES OF MALWARE:
Viruses: Any malware spread through computer
networks through human action or self-replications.
Worms: A subset of viruses, worms are designed to
spread autonomously throughout a network, and their
goal is to maximize proliferation without detection.
They can be used to gain information and relay it to
some point outside of the corporate network.
Trojan viruses and backdoors: These grant external
access to control systems. Using these pieces of
software, individuals can code remotely, gain access
to, and in some cases, even assume control of assets.
Spyware and rootkits: These are pieces of software
that hide their presence on infected systems. They
could open a window into confidential data, change a
computer’s reporting capabilities, or even provide
remote administration capabilities.
Blended Threats: These combine two or more types
of malicious software.
While professional and
cyber criminals can use
malware to execute
attacks, not all attacks
are targeted. Accidents
happen, and these types
of malware are just as
dangerous in the hands
of unsuspecting civilians
Individuals are randomly targeted every day, receiving malware in personal emails or
downloading it unintentionally from infected websites. It’s when these personal
emails find their way into corporate systems that problems occur.
Download our brief on cyber security!
Learn more about Industrial Cyber Security at