
Stuxnet has highlighted the need for monitoring IT and ICS networks for threats

Date Added: December 01, 2011 11:12:57 AM
Author: Astal Mark
Category: Blogs: Internet
Defence targets have long been considered most at risk from targeted attacks, yet this is not the case. In July 2010, the Australian Defence Minister John Faulkner made it clear that defence was not the primary target. Of the security incidents in 2009, more than 2400 ‘were considered to be medium to high risk’, and only 200 were directly related to defence. Others like Alan Dupont, Director of Sydney University’s Centre for International Security Studies, state the risks to infrastructure more directly: ‘A very destructive virus or worm specifically designed to bring down a system like an electricity grid is a very serious threat to modern society.’

This isn’t new. National infrastructure and critical operating systems have long been viewed as vulnerable targets, but before Stuxnet, the risks seemed less real. Stuxnet isn’t really new either. While quite clever, its sophistication mirrors the customised malware, social engineering and phishing techniques commonly used to penetrate enterprise networks and steal IP or data. What made Stuxnet worrying was not its DNA but its intent: to disable utilities and infrastructure, with potentially dire social and economic impacts on the operation and welfare of whole nations.

PART OF A PATTERN

Stuxnet contains various malware elements but, principally, it uses a Trojan of similar design to the Zeus banking variants. Dark Reading adds this alarming note: ‘Just like commercial application developers, the creators of Zeus run an R&D programme to ensure it can avoid detection and evade the growing number of cyber security measures designed to detect, block and eliminate it.’ Clearly, we need to upgrade our detection technology and check our priorities for threat management.

It would appear that the developers of Stuxnet were similarly diligent in understanding the environment in which the software was to operate. Much has been said about the unique security environment of industrial control systems, but is it really unique?
Now that most industrial networks are connected to IP networks, it’s time to integrate IT and ICS security monitoring and control activities. As is true of all security information, for maximum benefit it should be shared, interpreted and responded to from a holistic enterprise-wide perspective. Isolating IT and ICS monitoring activities makes holistic threat management difficult and creates security blind spots. Managers of ICS systems won’t see the (perhaps vital) connection between risky events occurring in their IT networks and separately in their ICS systems.

To avoid such blind spots, Security Information and Event Management (SIEM) systems are increasingly used to correlate events across the information silos and to standardise threat management, event interpretation and compliance policies across both environments. Advanced SIEM systems can monitor virtually any device, and collect and analyse all data types found in IT or industrial networks. The best of them allow users to run regular data protection queries to isolate and investigate non-compliant or suspicious activity in real time.

As well as policy-based monitoring for breaches of preset rules or thresholds, some advanced SIEMs can differentiate between normal and abnormal events and then alert on risky activity or behaviour. In the context of protecting critical infrastructure networks, these capabilities to detect unusual system activity can be highly relevant.
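
The cross-silo correlation described above can be sketched as a single rule: alert when a sensitive ICS action originates from an asset that raised a risky IT event shortly beforehand. This is an added example, not code from the article or from any SIEM product. The event fields, event type names, asset names and the 30-minute window are all assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed, already-normalised sample events (not real logs).
# Field names and event types are assumptions made for this example.
IT_EVENTS = [
    {"ts": "2011-11-30T09:02:11", "asset": "eng-ws-07", "type": "usb_autorun_blocked"},
    {"ts": "2011-11-30T09:40:00", "asset": "hr-pc-12", "type": "av_trojan_detected"},
    {"ts": "2011-11-30T13:15:42", "asset": "eng-ws-07", "type": "av_trojan_detected"},
]
ICS_EVENTS = [
    {"ts": "2011-11-30T09:20:05", "source": "eng-ws-07", "plc": "plc-03", "type": "logic_download"},
    {"ts": "2011-11-30T11:00:00", "source": "hmi-01", "plc": "plc-03", "type": "setpoint_change"},
    {"ts": "2011-11-30T18:30:00", "source": "eng-ws-07", "plc": "plc-05", "type": "logic_download"},
]

RISKY_IT = {"usb_autorun_blocked", "av_trojan_detected"}  # IT-side policy list
SENSITIVE_ICS = {"logic_download", "firmware_update"}     # ICS-side policy list


def correlate(it_events, ics_events, window=timedelta(minutes=30)):
    """Return alerts where a sensitive ICS action comes from an asset that
    raised a risky IT event no more than `window` before that action."""
    alerts = []
    for ics in ics_events:
        if ics["type"] not in SENSITIVE_ICS:
            continue
        ics_ts = datetime.fromisoformat(ics["ts"])
        for it in it_events:
            # Join the two silos on the asset name; skip unrelated IT events.
            if it["asset"] != ics["source"] or it["type"] not in RISKY_IT:
                continue
            delta = ics_ts - datetime.fromisoformat(it["ts"])
            # Only IT events that precede the ICS action, inside the window.
            if timedelta(0) <= delta <= window:
                alerts.append({"asset": it["asset"], "plc": ics["plc"],
                               "it_event": it["type"], "ics_event": ics["type"],
                               "gap_seconds": int(delta.total_seconds())})
    return alerts


if __name__ == "__main__":
    for alert in correlate(IT_EVENTS, ICS_EVENTS):
        print(alert)
```

Neither feed produces this alert on its own: the IT event was blocked and the logic download is routine engineering work, so only the join on asset and time surfaces the connection.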