Mark Weatherford, deputy undersecretary for cybersecurity at the Department of Homeland Security's National Protection and Programs Directorate, warned that threats to industrial control systems (ICS) are on the uptick.
Weatherford made the comments while speaking at the University of Rhode Island, which recently received the National Centers of Academic Excellence for Information Assurance Education honor from DHS and the National Security Agency.
“We pay particular attention to industrial control systems. We’re seeing a troubling increase in the threats and the vulnerabilities associated with those. But we are making progress on that, I think,” Weatherford said.
ICS systems provide operations control for critical infrastructure and production networks, including manufacturing facilities, refineries, and hydroelectric and nuclear power plants.
One of the main challenges in protecting these networks is the fact that these systems were not necessarily designed with cybersecurity in mind. Rather, the security solutions have been layered on in a piecemeal fashion after the networks were operational, leaving ample room for attackers to compromise their functionality.
Weatherford noted that the availability of advanced hacking tools and knowledge bases on the Internet does not make the task of securing critical infrastructure any easier.
“Go out and do a Google search on hacking tools and you’ll get a gazillion hits in less than a second,” Weatherford said.
One of the principal strategies for combating the increase in threats is the development of public-private threat monitoring and data sharing initiatives. The National Cybersecurity and Communications Integration Center (NCCIC) provides just such a service.
“The collaboration, sharing of incident, of vulnerability information is truly magic,” said Weatherford.
Other similar programs for monitoring critical systems and sharing threat data have been developed through collaborative efforts in the private sector.
The LIGHTS program was created as a means of addressing security for smaller industrial operations and utilities. LIGHTS is a non-profit membership program run under Energysec that sets a consistent open-source-baseline approach to securing smaller industrial facilities.
Since most smaller facilities may not have the resources or expertise to effectively manage their security operations, LIGHTS MSSPs provide reduced-rate management services to members.
An additional benefit to both the member and the broader community is the option to share anonymized metadata characterizing their experience with analysis centers such as the NESCO Tactical Analysis Center (TAC).
Also key to improving the nation's security posture is the passage of cybersecurity legislation. Currently, there are dozens of bills at one stage or another that have been submitted for consideration in both houses of Congress.
“Our nation cannot improve its ability to defend against cyber threats unless certain laws are updated,” Weatherford insists.
Both Congress and the White House have come under considerable criticism for the slow pace of progress when it comes to passage of cybersecurity legislation.
“It’s been a pretty eye-opening experience. There are a number of people in the legislature who really do get this and understand the criticality of what we’re doing,” Weatherford said of the process.