
American Security Council Foundation


DHS Warns of a Persistent Cyber Threat Targeting Critical Infrastructure in the U.S.

Tuesday, August 4, 2020

Categories: ASCF News Emerging Threats Cyber Security


Foreign rogue nation-state threat actors are targeting critical infrastructure in the U.S., according to the White House report involving the National Security Agency (NSA) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).

The threat actors are targeting internet-connected operational technology (OT) in United States defense systems. State-sponsored actors were also targeting critical infrastructure such as electricity, water, and gas. Consequently, the NSA and CISA directed owners and operators to take immediate action to secure their systems.

Ransomware cyber threat targeting the U.S. critical infrastructure

The agencies warned that “the increase in adversary capabilities and activity, the criticality to U.S. national security and the vulnerability of OT systems, civilian infrastructure makes attractive targets for foreign actors.”

The NSA and CISA noted that OT assets are present in Department of Defense systems and in the defense industrial base sector. Their use is prominent in most critical areas, including national security systems. The agencies say the use of such systems is necessary because of the increased demand for a decentralized workforce. However, their use opens up an attack surface while increasing monitoring complexity because of the pervasive nature of the systems.

The DHS indicated there was strong evidence of a cyber threat involving the use of email spear phishing tactics to infiltrate critical infrastructure networks through OT assets. Additionally, there are persistent efforts to conduct ransomware attacks on critical infrastructure. A ransomware cyber threat is particularly concerning because of its disruptive nature and ability to leak sensitive information.

In February, CISA released a report describing a ransomware attack on a natural gas compression facility, which led to the shutdown of operations at the facility.

A similar cyber threat targeting critical infrastructure in an Israeli water system was blocked in May, according to CyberScoop. Authorities said the attack was highly organized and synchronized.

Nilesh Dherange, CTO of Gurucul, reiterated that the cyber threat was real.

“The most recent NSA and CISA alerts are directed at Government assets, but they are valid warnings for any organization that has internet-facing systems. They offer solid advice that applies to any size of the operation and reiterates recommendations the Information Security community has been giving for years.”

Mitigating threats on critical infrastructure

The NSA and CISA advised organizations to create a resilience plan for their OT assets. The plan involves creating a manual process to restart industrial control systems after an attack takes place. They also recommended having a system monitoring process in place to track the cybersecurity state of the critical infrastructure with respect to cyber threats. Because of the increased risks facing essential services, the agencies advised organizations to stay ahead of the cyber threat operators by being proactive.

Organizations should also create an incident response plan to anticipate new methods that hackers may deploy. This should include collaboration between organizations and CISA in the creation of organizational cybersecurity plans.

Operators should also harden their networks by restricting access to OT networks, and carry out regular tests to discover vulnerable OT devices within their networks.

Dherange summed up the list of measures that the operators of critical infrastructure should adopt.

“In a nutshell: Have resiliency, business continuity, and response plans in place and exercise them. Understand and document your environment, your likely adversaries, and how they will probably attack so you can harden appropriately. Make sure personnel are trained and equipped to resist the expected attack vectors and mitigate them after a breach.”

Evan Dornbush, CEO and Founder of Point3 Security, said the cyber threat was critical and that operators should therefore heed the advice.

“If the NSA is coming out of the shadows to speak up in a joint alert with CISA, you want to listen and take action. What is most helpful is that the advisory shares a list of tools attackers are using to identify targets. Seeing what the attacker sees allows your cybersecurity team to prioritize your defensive actions. The Advisory goes further still, offering a robust set of recommendations for executing a response strategy.”

Photo and Link: https://www.cpomagazine.com/cyber-security/dhs-warns-of-a-persistent-cyber-threat-targeting-critical-infrastructure-in-the-u-s/
