The Evolution of Industrial Control System Information Sharing

Thursday, May 16, 2013

Anthony M. Freed

6d117b57d55f63febe392e40a478011f

scada

The Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, recently issued an advisory warning of an elevated risk of cyber-based attacks against companies that are tasked with administering systems that control elements of our nation’s critical infrastructure.

The alert, which was made available only to authorized entities, provided advice on mitigation techniques and prescribed specific measures that should be undertaken to avoid disruption to services such as power and water delivery. An accompanying document outlined key indicators of an attack and guidelines for monitoring and detection efforts.

The advisory is a good example of improved efforts to break down information silos between government agencies as well as improve the mechanisms to share threat information with the public sector, said Chris Blask, Chair of the Industrial Control System Information Sharing and Analysis Center (ICS-ISAC).

According to the organization, ICS-ISAC exists to bring together the private sector partners and stakeholders for the purpose of sharing knowledge about risks, threats and best practices across our shared critical infrastructure. The Center was created to provide the ICS community with a common platform where collaboration can be performed in an environment best suited to the needs of all involved parties.

“The ability to effectively share information has marked the progress of human social evolution since the dawn of time. In the Communication Age, the need to more efficiently share a growing volume of increasingly targeted information among expanding communities defines the challenges facing cultures,” Blask said in an interview.

“For those who are responsible for maintaining the security of information structures, there is no more pressing topic.”

On February 12th of this year, President Obama issued an Executive Order :Improving Critical Infrastructure Cybersecurity and Presidential Policy Directive (PPD-21), both of which were designed to foster improvements in information sharing efforts among government agencies as well as between government and the private sector.

“Both documents emphasize the need to improve information sharing as a fundamental component of improving national security. ICS-ISAC is working with its members to develop an open reference architecture for situational awareness, both in support of these initiatives and as part of performing its core mission,” said Blask.

The president made the decision to issue the Executive Order and Policy Directive after years of partisan bickering prevented any significant cybersecurity legislation from being passed. Networks used to control elements of the nation’s critical infrastructure tend to be legacy systems, and when designed did not take into account the advent of the Internet and the prospect that the systems would ever be exposed to compromise via the web.

The fact that these systems are so vulnerable, yet at the same time so critical to the function of the nation and commerce, the need to better share intelligence on potential threats and active attacks is more important than ever. The good news is we already have the mechanisms to deploy such systems for information sharing at our disposal, according to Blask.

“Today we stand with all of the components in our hands from which to construct effective realtime situational awareness of our shared infrastructure. The basic technical tools necessary to create situational awareness at facilities have been developed and available for more than a decade,” said Blask.

“Knowledge sharing structures such as STIX and TAXII have recently been released in 1.0 versions,IODEF has been in use for more than five years. The REN-ISAC CIF system has developed a mechanism in use today among academic institutions which is being used to provide active shared defenses around the clock. In the public and private sectors, in technical, policy and procedural areas, the basic building blocks required have already been created from which we can build shared security,” Blask continued.

The ICS-CERT advisories are just a drop in the bucket, but show a trend in the right direction. “The type of information and detail that [ICS-CERT] is now delivering in these intelligence reports to the community has dramatically improved in the last 18 months,” SANS’ Tim Conway told the Washington Post.

Conway will be joining Blask on Wednesday May 15th from 1-2:30 PM ET for the ICS-ISAC Monthly Public Briefing. The panel will also include Michael Murray from CERT/CC at Carnegie Melon Universityand Marc Blackmer from Sourcefire in what will be the the first of a series of panel discussions on the evolution of public-private information sharing.

The series will begin with an analysis of historical information sharing efforts and lead up to the development of the ICS-ISAC’s Realtime Knowledge Sharing Reference Architecture.

According to ICS-ISAC’s press release on the panel discussions, they are “designed to benefit both the technical & non-technical attendee the ICS-ISAC Public Briefing series takes a no-nonsense approach to addressing issues that cut across industry, sector, and job function. So whether you are hands-on ICS, administrator, or C-level decision-maker you will find valuable information that you can take and implement to further secure your industrial control systems.”

Cross Posted from Tripwire's State of Security Blog

Possibly Related Articles:
15731
SCADA
Industrial Control Systems
SCADA ICS ICS-CERT
Post Rating I Like this!
Default-avatar
katrine bowden Industrial Control System Information Sharing are doing there best by maintaining the security risk and integrity involved in data sharing. Information secured for future use must be secured from other outside sources.
http://www.fertilemind.com.au/category-maternity-hosiery-leggings-144.aspx
1369717080
Default-avatar
sikawai duluan Wonderful website, stick with it to wearing hijab from Indonesia beauty and make your dream come true. http://www.steammopreviewspro.com
http://siratu.com
http://www.oliveoilforhairhq.com/
1411921574
Default-avatar
leijon 19 if you want to move from one location to another then Flexible Movers is the best moving company to get in touch with, we are one of the best moving providers in London that can do both small and big moves as well as Man and van hire services.http://www.flexiblemovers.co.uk
1424871396
Default-avatar
Raushan Kumar You will need to get yourself sorted with your shift. Help make set up regarding transportation such as professional, tooth, classes, higher education, insurance plan policy technique strategy technique strategy
http://www.expert5th.in/packers-and-movers-hyderabad/
http://www.expert5th.in/packers-and-movers-mumbai/
http://packersmoverspune.top3rd.in/
1425120196
Default-avatar
Raushan Kumar Supplying can be an important a aspect of house shifting. It can be has to be correctly conducted normally chances are you'll confront accidents as well as lack of the items with transition.
http://www.expert5th.in/packers-and-movers-bangalore/
http://www.expert5th.in/packers-and-movers-delhi/
http://www.expert5th.in/packers-and-movers-chennai/
http://www.expert5th.in/packers-and-movers-gurgaon/
1425120224
Default-avatar
mike lines According to the organization, ICS-ISAC exists to bring together the private sector partners and stakeholders for the purpose of sharing knowledge about risks, threats and best practices across our shared critical infrastructure. The Center was created to provide the ICS community with a common platform where collaboration can be performed in an environment best suited to the needs of all involved parties. https://oddstar.co/
1425814997
Default-avatar
williama willis It can help you stay organized. Admittedly, article promotion to a number of internet directories and tracking your submissions can be quite a chore. http://www.amazon.co.uk/Biovit-Complete-Raspberry-Ketone-Pills/dp/B00RR5999O/
1425984165
Default-avatar
mike lines “The ability to effectively share information has marked the progress of human social evolution since the dawn of time. In the Communication Age, the need to more efficiently share a growing volume of increasingly targeted information among expanding communities defines the challenges facing cultures,” Blask said in an interview. https://simpleaccounting.sg/simbiz/
1426082062
Default-avatar
leijon 19 They combine, you’ll be fascinated to know, the kind of technology you’d expect to find in the aerospace with the sort of stuff you find on a bicycle. http://injusticecheats.com/
1426224580
Default-avatar
1426320216
Default-avatar
1426320225
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.