Aimed at both the novice and expert in IT security and industrial control systems (ICS), this book will help readers gain a better understanding of protecting ICSs from electronic threats. Cyber security is getting much more attention and SCADA security (Supervisory Control and Data Acquisition) is a particularly important part of this field, as are Distributed Control Systems (DCS), Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), Intelligent Electronic Devices (IEDs)-and all the other, field controllers, sensors, and drives, emission controls, and that make up the intelligence of modern industrial buildings and facilities. This book will help the reader better understand what is industrial control system cyber security, why is it different than IT security, what has really happened to date, and what needs to be done. Loads of practical advice is offered on everything from clarity on current cyber-security systems and how they can be integrated into general IT systems, to how to conduct risk assessments and how to obtain certifications, to future trends in legislative and regulatory issues affecting industrial security.
This book is meant to help both the novice and expert in Information Technology (IT) security and industrial control systems (ICS) gain a better understanding of protecting ICSs from electronic threats. The term "ICS" was chosen as ICSs include Supervisory Control and Data Acquisition (SCADA), Distributed Control Systems (DCS), Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), Intelligent Electronic Devices (IEDs), field controllers, sensors, and drives, emission controls, building controls including fire suppression, thermostats, and elevator controls, and meters including business and residential automated metering. For the purpose of this book, ICSs also include safety systems. The term "electronic threats" was chosen rather than cyber security because there are electronic threats to ICSs beyond traditional cyber threats. Additionally, the book is about protecting the mission of the ICS - a compromise of a computer that isn't critical to the mission of the control system may be a cyber security event, but it is not of importance. The term "protecting" was chosen as this not a book on how to attack control systems. From a cyber perspective, they are very brittle and attacking them is not rocket science. On the other hand, protecting them while at the same time maintaining their mission can be rocket science. The term "it takes a village" can be applied to securing ICSs as Operations alone cannot do this. It takes a team of ICS expertise, IT security expertise, telecom knowledge, networking, ICS and IT vendor support, and most of all senior management support to make this work. I hope you find the book of interest. Respectfully, Joe
As industrial control systems (ICS), including SCADA, DCS, and other process control networks, become Internet-facing, they expose crucial services to attack. Threats like Duqu, a sophisticated worm found in the wild that appeared to share portions of its code with the Stuxnet worm, emerge with increasing frequency. Explaining how to develop and implement an effective cybersecurity program for ICS, Cybersecurity for Industrial Control Systems: SCADA, DCS, PLC, HMI, and SIS provides you with the tools to ensure network security without sacrificing the efficiency and functionality of ICS. Highlighting the key issues that need to be addressed, the book begins with a thorough introduction to ICS. It discusses business, cost, competitive, and regulatory drivers and the conflicting priorities of convergence. Next, it explains why security requirements differ from IT to ICS. It differentiates when standard IT security solutions can be used and where SCADA-specific practices are required. The book examines the plethora of potential threats to ICS, including hi-jacking malware, botnets, spam engines, and porn dialers. It outlines the range of vulnerabilities inherent in the ICS quest for efficiency and functionality that necessitates risk behavior such as remote access and control of critical equipment. Reviewing risk assessment techniques and the evolving risk assessment process, the text concludes by examining what is on the horizon for ICS security, including IPv6, ICSv6 test lab designs, and IPv6 and ICS sensors.
From the researcher who was one of the first to identify and analyze the infamous industrial control system malware "Stuxnet," comes a book that takes a new, radical approach to making Industrial control systems safe from such cyber attacks: design the controls systems themselves to be "robust." Other security experts advocate risk management, implementing more firewalls and carefully managing passwords and access. Not so this book: those measures, while necessary, can still be circumvented. Instead, this book shows in clear, concise detail how a system that has been set up with an eye toward quality design in the first place is much more likely to remain secure and less vulnerable to hacking, sabotage or malicious control. It blends several well-established concepts and methods from control theory, systems theory, cybernetics and quality engineering to create the ideal protected system. The book's maxim is taken from the famous quality engineer William Edwards Deming, "If I had to reduce my message to management to just a few words, I'd say it all has to do with reducing variation." Highlights include: - An overview of the problem of "cyber fragility" in industrial control systems - How to make an industrial control system "robust," including principal design objectives and overall strategic planning - Why using the methods of quality engineering like the Taguchi method, SOP and UML will help to design more "armored" industrial control systems.
The increased use of technology is necessary in order for industrial control systems to maintain and monitor industrial, infrastructural, or environmental processes. The need to secure and identify threats to the system is equally critical. Securing Critical Infrastructures and Critical Control Systems: Approaches for Threat Protection provides a full and detailed understanding of the vulnerabilities and security threats that exist within an industrial control system. This collection of research defines and analyzes the technical, procedural, and managerial responses to securing these systems.
The availability and security of many services we rely upon—including water treatment, electricity, healthcare, transportation, and financial transactions—are routinely put at risk by cyber threats. The Handbook of SCADA/Control Systems Security is a fundamental outline of security concepts, methodologies, and relevant information pertaining to the supervisory control and data acquisition (SCADA) systems and technology that quietly operate in the background of critical utility and industrial facilities worldwide. Divided into five sections, the book examines topics comprising functions within and throughout industrial control systems (ICS) environments. Topics include: Emerging trends and threat factors that plague the ICS security community Risk methodologies and principles that can be applied to safeguard and secure an automated operation Methods for determining events leading to a cyber incident, and methods for restoring and mitigating issues—including the importance of critical communications The necessity and reasoning behind implementing a governance or compliance program A strategic roadmap for the development of a secured SCADA/control systems environment, with examples Relevant issues concerning the maintenance, patching, and physical localities of ICS equipment How to conduct training exercises for SCADA/control systems The final chapters outline the data relied upon for accurate processing, discusses emerging issues with data overload, and provides insight into the possible future direction of ISC security. The book supplies crucial information for securing industrial automation/process control systems as part of a critical infrastructure protection program. The content has global applications for securing essential governmental and economic systems that have evolved into present-day security nightmares. The authors present a "best practices" approach to securing business management environments at the strategic, tactical, and operational levels.
This book provides a comprehensive overview of the fundamental security of Industrial Control Systems (ICSs), including Supervisory Control and Data Acquisition (SCADA) systems and touching on cyber-physical systems in general. Careful attention is given to providing the reader with clear and comprehensive background and reference material for each topic pertinent to ICS security. This book offers answers to such questions as: Which specific operating and security issues may lead to a loss of efficiency and operation? What methods can be used to monitor and protect my system? How can I design my system to reduce threats?This book offers chapters on ICS cyber threats, attacks, metrics, risk, situational awareness, intrusion detection, and security testing, providing an advantageous reference set for current system owners who wish to securely configure and operate their ICSs. This book is appropriate for non-specialists as well. Tutorial information is provided in two initial chapters and in the beginnings of other chapters as needed. The book concludes with advanced topics on ICS governance, responses to attacks on ICS, and future security of the Internet of Things.
Cybercrime and Espionage provides a comprehensive analysis of the sophisticated patterns and subversive multi-vector threats (SMTs) associated with modern cybercrime, cyber terrorism, cyber warfare and cyber espionage. Whether the goal is to acquire and subsequently sell intellectual property from one organization to a competitor or the international black markets, to compromise financial data and systems, or undermine the security posture of a nation state by another nation state or sub-national entity, SMTs are real and growing at an alarming pace. This book contains a wealth of knowledge related to the realities seen in the execution of advanced attacks, their success from the perspective of exploitation and their presence within all industry. It will educate readers on the realities of advanced, next generation threats, which take form in a variety ways. This book consists of 12 chapters covering a variety of topics such as the maturity of communications systems and the emergence of advanced web technology; how regulatory compliance has worsened the state of information security; the convergence of physical and logical security; asymmetric forms of gathering information; seven commonalities of SMTs; examples of compromise and presence of SMTs; next generation techniques and tools for avoidance and obfuscation; and next generation techniques and tools for detection, identification and analysis. This book will appeal to information and physical security professionals as well as those in the intelligence community and federal and municipal law enforcement, auditors, forensic analysts, and CIO/CSO/CISO. Includes detailed analysis and examples of the threats in addition to related anecdotal information Authors’ combined backgrounds of security, military, and intelligence, give you distinct and timely insights Presents never-before-published information: identification and analysis of cybercrime and the psychological profiles that accompany them
As the sophistication of cyber-attacks increases, understanding how to defend critical infrastructure systems—energy production, water, gas, and other vital systems—becomes more important, and heavily mandated. Industrial Network Security, Second Edition arms you with the knowledge you need to understand the vulnerabilities of these distributed supervisory and control systems. The book examines the unique protocols and applications that are the foundation of industrial control systems, and provides clear guidelines for their protection. This how-to guide gives you thorough understanding of the unique challenges facing critical infrastructures, new guidelines and security measures for critical infrastructure protection, knowledge of new and evolving security tools, and pointers on SCADA protocols and security implementation. All-new real-world examples of attacks against control systems, and more diagrams of systems Expanded coverage of protocols such as 61850, Ethernet/IP, CIP, ISA-99, and the evolution to IEC62443 Expanded coverage of Smart Grid security New coverage of signature-based detection, exploit-based vs. vulnerability-based detection, and signature reverse engineering
The Secret Service, FBI, NSA, CERT (Computer Emergency Response Team) and George Washington University have all identified “Insider Threats as one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today. This book will teach IT professional and law enforcement officials about the dangers posed by insiders to their IT infrastructure and how to mitigate these risks by designing and implementing secure IT systems as well as security and human resource policies. The book will begin by identifying the types of insiders who are most likely to pose a threat. Next, the reader will learn about the variety of tools and attacks used by insiders to commit their crimes including: encryption, steganography, and social engineering. The book will then specifically address the dangers faced by corporations and government agencies. Finally, the reader will learn how to design effective security systems to prevent insider attacks and how to investigate insider security breeches that do occur. Throughout the book, the authors will use their backgrounds in the CIA to analyze several, high-profile cases involving insider threats. * Tackles one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today * Both co-authors worked for several years at the CIA, and they use this experience to analyze several high-profile cases involving insider threat attacks * Despite the frequency and harm caused by insider attacks, there are no competing books on this topic.books on this topic
Digital data collection and surveillance is pervasive and no one can protect your privacy without your help. Before you can help yourself, you need to understand the new technologies, what benefits they provide, and what trade-offs they require. Some of those trade-offs – privacy for convenience – could be softened by our own behavior or be reduced by legislation if we fight for it. This book analyzes why privacy is important to all of us, and it describes the technologies that place your privacy most at risk, starting with modern computing and the Internet.
The Professional Protection Officer: Security Strategies, Tactics and Trends, Eighth Edition, is the definitive reference and instructional text for career oriented security officers in both the private and public sectors. The first edition originated with the birth of the International Foundation for Protection Officers (IFPO) in 1988, which has been using the book as the official text since that time. Each subsequent edition has brought new and enlightened information to the protection professional. This latest edition covers all of the subjects essential to training of protection professionals, and has been renamed to reflect new strategies, tactics, and trends in this dynamic field. The book contains 12 units and 45 chapters. Written by leading security educators, trainers and consultants, it has served as the authoritative text for both students and professionals worldwide. This new edition adds critical updates and fresh pedagogy, as well as new diagrams, illustrations, and self assessments. Information included is designed to reflect the latest trends in the industry and to support and reinforce continued professional development. The book concludes with an Emerging Trends feature, laying the groundwork for the future growth of this increasingly vital profession. This will be an ideal reference for security students and CPO candidates. Information included is designed to reflect the latest trends in the industry and to support and reinforce continued professional development. Concludes chapters with an Emerging Trends feature, laying the groundwork for the future growth of this increasingly vital profession. Written by a cross-disciplinary contributor team consisting of top experts in their respective fields.
Explores the components of e-commerce (including EDI). Shows the risks involved when using an e-commerce system. Provides controls for protecting an e-commerce site (e.g., securing financial transactions and confidential transactions). Provides COSO compliant audit approach. Provides risk/control tables and checklists. Technical topics are discussed in simple user-friendly language.
The information infrastructure--comprising computers, embedded devices, networks and software systems--is vital to operations in every sector. Global business and industry, governments, and society itself, cannot function effectively if major components of the critical information infrastructure are degraded, disabled or destroyed. This book contains a selection of 27 edited papers from the First Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection.
Now available in a new edition entitled GLASS HOUSES: Privacy, Secrecy, and Cyber Insecurity in a Transparent World. A former top-level National Security Agency insider goes behind the headlines to explore America's next great battleground: digital security. An urgent wake-up call that identifies our foes; unveils their methods; and charts the dire consequences for government, business, and individuals. Shortly after 9/11, Joel Brenner entered the inner sanctum of American espionage, first as the inspector general of the National Security Agency, then as the head of counterintelligence for the director of national intelligence. He saw at close range the battleground on which our adversaries are now attacking us-cyberspace. We are at the mercy of a new generation of spies who operate remotely from China, the Middle East, Russia, even France, among many other places. These operatives have already shown their ability to penetrate our power plants, steal our latest submarine technology, rob our banks, and invade the Pentagon's secret communications systems. Incidents like the WikiLeaks posting of secret U.S. State Department cables hint at the urgency of this problem, but they hardly reveal its extent or its danger. Our government and corporations are a "glass house," all but transparent to our adversaries. Counterfeit computer chips have found their way into our fighter aircraft; the Chinese stole a new radar system that the navy spent billions to develop; our own soldiers used intentionally corrupted thumb drives to download classified intel from laptops in Iraq. And much more. Dispatches from the corporate world are just as dire. In 2008, hackers lifted customer files from the Royal Bank of Scotland and used them to withdraw $9 million in half an hour from ATMs in the United States, Britain, and Canada. If that was a traditional heist, it would be counted as one of the largest in history. Worldwide, corporations lose on average $5 million worth of intellectual property apiece annually, and big companies lose many times that. The structure and culture of the Internet favor spies over governments and corporations, and hackers over privacy, and we've done little to alter that balance. Brenner draws on his extraordinary background to show how to right this imbalance and bring to cyberspace the freedom, accountability, and security we expect elsewhere in our lives. In America the Vulnerable, Brenner offers a chilling and revelatory appraisal of the new faces of war and espionage-virtual battles with dangerous implications for government, business, and all of us.
Urban water and wastewater systems have an inherent vulnerability to both manmade and natural threats and disasters including droughts, earthquakes and terrorist attacks. It is well established that natural disasters including major storms, such as hurricanes and flooding, can effect water supply security and integrity. Earthquakes and terrorist attacks have many characteristics in common because they are almost impossible to predict and can cause major devastation and confusion. Terrorism is also a major threat to water security and recent attention has turned to the potential that these attacks have for disrupting urban water supplies. There is a need to introduce the related concept of Integrated Water Resources Management which emphasizes linkages between land-use change and hydrological systems, between ecosystems and human health, and between political and scientific aspects of water management. An expanded water security agenda should include a conceptual focus on vulnerability, risk, and resilience; an emphasis on threats, shocks, and tipping points; and a related emphasis on adaptive management given limited predictability. Internationally, concerns about water have often taken a different focus and there is also a growing awareness, including in the US, that water security should include issues related to quantity, climate change, and biodiversity impacts, in addition to terrorism. This presents contributions from a group of internationally recognized experts that attempt to address the four areas listed above and includes suggestions as to how to deal with related problems. It also addresses the new and potentially growing issue of cyber attacks against water and waste water infrastructure including descriptions of actual attacks, making it of interest to scholars and policy-makers concerned with protecting the water supply.
Bestselling author Ron Krutz once again demonstrates his ability to make difficult security topics approachable with this first in-depth look at SCADA (Supervisory Control And Data Acquisition) systems Krutz discusses the harsh reality that natural gas pipelines, nuclear plants, water systems, oil refineries, and other industrial facilities are vulnerable to a terrorist or disgruntled employee causing lethal accidents and millions of dollars of damage-and what can be done to prevent this from happening Examines SCADA system threats and vulnerabilities, the emergence of protocol standards, and how security controls can be applied to ensure the safety and security of our national infrastructure assets
SCADA technology quietly operates in the background of critical utility and industrial facilities nationwide. "Cybersecurity for SCADA Systems" provides a high-level overview of this unique technology, with an explanation of each market segment. Readers will understand the vital issues, and learn strategies for decreasing or eliminating system vulnerabilities.
Ira Winkler has been dubbed "A Modern Day James Bond" by CNN and other media outlets for his ability to simulate espionage attacks against many of the top companies in the world, showing how billions of dollars can disappear. This unique book is packed with the riveting, true stories and case studies of how he did it-and how people and companies can avoid falling victim to the spies among us. American corporations now lose as much as $300 billion a year to hacking, cracking, physical security breaches, and other criminal activity. Millions of people a year have their identities stolen or fall victim to other scams. In Spies Among Us, Ira Winkler reveals his security secrets, disclosing how companies and individuals can protect themselves from even the most diabolical criminals. He goes into the mindset of everyone from small-time hackers to foreign intelligence agencies to disclose cost-effective countermeasures for all types of attacks. In Spies Among Us, readers learn: Why James Bond and Sydney Bristow are terrible spies How a team was able to infiltrate an airport in a post-9/11 world and plant a bomb How Ira and his team were able to steal nuclear reactor designs in three hours The real risks that individuals face from the spies that they unknowingly meet on a daily basis Recommendations for how companies and individuals can secure themselves against the spies, criminals, and terrorists who regularly cross their path
Cyber-Physical Attacks: A Growing Invisible Threat presents the growing list of harmful uses of computers and their ability to disable cameras, turn off a building’s lights, make a car veer off the road, or a drone land in enemy hands. In essence, it details the ways cyber-physical attacks are replacing physical attacks in crime, warfare, and terrorism. The book explores how attacks using computers affect the physical world in ways that were previously only possible through physical means. Perpetrators can now cause damage without the same risk, and without the political, social, or moral outrage that would follow a more overt physical attack. Readers will learn about all aspects of this brave new world of cyber-physical attacks, along with tactics on how to defend against them. The book provides an accessible introduction to the variety of cyber-physical attacks that have already been employed or are likely to be employed in the near future. Demonstrates how to identify and protect against cyber-physical threats Written for undergraduate students and non-experts, especially physical security professionals without computer science background Suitable for training police and security professionals Provides a strong understanding of the different ways in which a cyber-attack can affect physical security in a broad range of sectors Includes online resources for those teaching security management