Preparing SCADA and ICS to Survive Ransomware Attacks
Tetra Tech cybersecurity expert Bob George discusses ways to protect Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) against ransomware attacks and to recover from them.
This article was originally published in the New York Water Environment Association’s ClearWaters magazine.
Ransomware is now the leading cybersecurity concern for most organizations. Extortion via ransomware has been a threat for over a decade, and now attacks against critical infrastructure control systems make headlines daily. The days of an attack announcing itself are long gone. Attackers go to great lengths to avoid—and in many cases, deactivate—detection. Advanced persistent threats are sophisticated cyberattacks that incorporate multiple techniques to compromise, discover, infect, and ultimately attack victim systems. IP-based SCADA and ICS communications are extremely vulnerable to such attacks.
The U.S. Department of Homeland Security (DHS) and Cybersecurity & Infrastructure Security Agency (CISA) have issued guidance to protect against ransomware attacks. Understanding what ransomware is, how it affects organizations, and how to shield against attacks is key to protecting critical data and systems.
Utilities can readily adapt and apply the DHS and CISA guidance to protect their SCADA and ICS networks. Strategies include implementing standards for each computer and device, updating systems regularly, backing up program and system configurations routinely, considering equipment redundancy, adding security technologies, and developing secure interconnects.