Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Vulnerabilities of online critical infrastructure

FireEye : 03 December, 2012  (Technical Article)
FireEye comments on the recent debate surrounding the movement of critical structure to online environments
Vulnerabilities of online critical infrastructure

Paul Simmonds, Co-Founder of The Jericho Forum, has suggested that companies attempting to reduce costs by moving critical systems online could be opening themselves up to cyber attacks. Speaking at the Cybergeddon 2012 event, Mr Simmonds’ comments were echoed by other security experts – citing the discovery of highly advanced malware this year as a reason for greater caution.

This comes shortly after a researcher at security firm Exodus Intelligence discovered 23 vulnerabilities in industrial control systems from a variety of manufacturers, and the identification of further SCADA application vulnerabilities by Italian security company ReVuln last week.

Paul Davis, Director of Europe at FireEye has made the following comments: “The message is clear – when it comes to critical infrastructure, extreme vigilance is needed when taking the leap of faith into the online world, and cost saving cannot be the cause of any premature decision making. As our world becomes increasingly connected, with the internet controlling more aspects of daily life – the change needs to be reflected in the way that we think about security. The security implications of Internet of Things are enormous, and are still widely misunderstood. However, while data loss and fraud are terrible outcomes of a breach, an intrusion on our control systems could have significantly more devastating consequences.

“For SCADA systems in particular, it is essential that the security of the management platforms behind them is absolutely bulletproof – as any web-based attack on these systems would first have to penetrate this layer before moving on to the final target. As such, rapid detect and response solutions must be in place to thwart any threats immediately – and as evidenced by the calibre of malware being discovered today, traditional security tools simply do not go deep enough.

“The rate at which international cybercrime is evolving has created a very steep learning curve for us all. GCHQ and other government organisations are doing a good job of publicising their efforts to boost collaboration, funding and overall cyber readiness initiatives – and hopefully with the right investment in the most appropriate defences, we will be well on our way to becoming a centre of cyber security excellence.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo