Crossroads Blog | Institute National Security and Counterterrorism

cyber attack, technology

Mitigating advanced persistent threats within industrial and critical infrastructure environments: Network World

Network World’s Brian Musthaler wrote an article about protecting industrial control systems (ICS), “the backbone of our industrial and critical infrastructures.”  Cyberattacks can target ICSs, causing them to go haywire and create physical destruction.

In this context, the article considered ICS security and the menace that is the advanced persistent threat (APT).  APTs, as their name implies, are a more devious and sustained form of cyberattack that often evades detection.  Stuxnet was an APT.  Musthaler noted that ICSs are, of course, quite vulnerable to APTs because the “traditional approaches for the detection of malicious behavior . . . cannot effectively and efficiently address process related threats in control systems.”  Thus, “next-generation firewalls, are unable to detect and characterize APTs directed at ICSs.”

How, then, do we better protect ICSs?  The article suggested APT firewalling, a practice that “aims to detect threats that masquerade as legitimate traffic” by focusing on “signatures, heuristics and proactive profiling.”

For more on APT firewalling, check out Brian Musthaler’s article for Network World here.
