Over the holidays, you likely read or heard about a number of "Top 10" lists. Examples include Top 10 News Stories, Top 10 Books, Top 10 Movies, and Top 10 You-Name-It. 

Thinking you would not want to miss out on the top topics about one of your favorite subjects, industrial security, I took a look at what the top articles were for this blog in 2014. I also looked at which cyber security white papers and other documents were downloaded most frequently.

The results show that there were three top themes:

  1. The End of Support (EOS) for Windows XP
  2. The Dragonfly advanced malware campaign
  3. "Cyber Security Big Picture"


The "Cyber Security Big Picture" topic included information on the NIST cyber security framework and cyber security concepts for CEOs.

Finally, particular application areas attracted a high level of interest. These included Defense in Depth strategies for oil and gas applications and industrial wireless applications.

If any of these topics are of interest to you, or you want to make sure you didn't miss any useful content, read on.

Reader visits and content downloads helped us determine the top cyber security topics of 2014.

Windows XP End of Service - Practical Options for Industrial Applications

A series of blog articles on the impact of Microsoft ending support for the Windows XP operating system on industrial applications was very popular. We started them off by looking at how pervasive Windows XP-based systems are in manufacturing. They are not just white box PCs running important process or production applications on the plant floor, in control rooms and in engineering offices. They also include ruggedized PCs running PLC, DCS and other device configuration/monitoring applications in your processes.

Next, we took a look at the "domino effect" upgrading just the operating system has on the entire industrial network. It involves purchasing and installing software upgrades, new computers, new networking equipment, and new automation devices; conducting extensive testing; and training users on all of the new systems.

A practical way to secure industrial systems today and plan and implement Windows XP upgrades over time is to install industrial firewalls. They are simple to install and configure, can be deployed into live networks without disrupting production, do not trigger a domino effect, and are cost effective.

Our white paper "Windows XP End of Service - Practical Options for Industrial Applications" outlines the challenges and possible solutions in detail. It was our most popular download in 2014.

Protecting ICS from Windows XP-related risks was the most popular topic and white paper for 2014.

Defending Against the Dragonfly Cyber Security Attacks

Industrial Control System (ICS) risk due to the lack of security updates for Windows XP was highlighted by our second biggest topic of 2014, the Dragonfly malware campaign. One of its "Offense in Depth" strategies was to specifically target Windows XP-based computers.

Dragonfly was the first malware since Stuxnet in 2010 to specifically target ICS components. For this reason, it is important for everyone involved with industrial cyber security to understand its key aspects.

Research done by Joel Langill of RedHat Cyber, on behalf of Belden, showed that its target was most likely the pharmaceutical industry, rather than the energy industry as initially reported. This represented the first time that a sophisticated attack vector had gone after the discrete manufacturing sector. 

Although Dragonfly collected information on ICS, it did not harm these systems. Instead, it gathered information for the likely purposes of counterfeiting or competitive intelligence. It would, nonetheless, be easy for its creators to modify its modules for destructive purposes in the future.

A concerning aspect of Dragonfly is that "usual" security solutions would not have defended against it. Thankfully though, there are techniques and products available to defend against it.

Download our complete Dragonfly white paper series to learn about the ineffective and effective defenses for this advanced persistent threat.

The Dragonfly malware campaign was the most significant attack directed at ICS systems in 2014 and many of our readers downloaded this white paper.

Deep Packet Inspection for Industrial Protocols

Industrial protocols are insecure by design and, because of the long useful lives of manufacturing automation and networking equipment, they are going to be around for a while.

The way to mitigate the uniquely industrial risks that exist with these protocols is to use firewalls with Deep Packet Inspection (also known as content inspection or protocol whitelisting). Our technical briefing kit "Understanding Deep Packet Inspection for SCADA Security" received a record number of downloads in 2014, improving on its already high popularity in 2013.

I am glad to see more and more people learning about the need for Deep Packet Inspection, especially as it is a way to mitigate the risks posed by both the Windows XP EOS and the Dragonfly malware.

Industrial Cyber Security Big Picture

This year, the US National Institute of Standards and Technology (NIST) updated its Cybersecurity Framework. Guest blogger Ernie Hayden's article about it, "Time to Pay Attention to the NIST Guide to ICS Security," calls out the usefulness of "ICS Security Guideline - NIST 800-82 Rev. 2." He urged everyone to take the time to download it and use it as a key reference document. Based on our web statistics, many of you took the opportunity to do so.

On a related big picture theme, another guest article, this one from ISSSource, "Essential Cyber Security Concepts for CEOs" was amongst our top blog posts for 2014 (even though it was published in 2013). Here is a chance to bring cyber security to the attention of your top management - just share this article with them.

Protecting Oil & Gas and Industrial Wireless Applications

Our two-part blog series on ICS Security for Oil and Gas applications was popular and so were two pieces of content on this topic:

  • Application Note - Implementing Cyber Security in Offshore Oil and Gas Platforms
  • Presentation - Cyber Security for Oil and Gas Applications

We also took a look at how to secure one of industry's fastest growing applications, industrial wireless. See the links below for key materials available on these topics.

Bringing Your Own Devices (BYOD) into the Plant

Finally, perhaps reflecting everyone's enthusiasm for personal mobile devices on the factory floor, Eric Byres' article "What the BYOD Controversy Can Teach Us about Good SCADA Security Policy" was also amongst our top blog posts last year.

2014 in a Nutshell

To provide you with easy access to our library of the top 2014 cyber security content, we have included all of the links in one list below. Maybe you will want to work your way down it when you have a free moment or two.

What were the most important industrial security topics to you last year? I look forward to hearing from you.

Links to the Top 2014 Cyber Security Content

Windows XP

  • Blog: Windows XP End of Service - What it Means for Industrial Applications, Part 1 of 2 (includes helpful video)
  • Blog: Windows XP End of Service - "Triggering a Domino Effect of Network Upgrades, Part 2 of 2"
  • Blog: PLC Security: Protect Uptime from Windows XP Risk (includes helpful video)
  • Blog: Attention Control System Integrators: Windows XP is a Big Opportunity
  • Blog: Windows XP End of Service - Industrial Firewalls are an Easy Fix (includes helpful video showing how easy it is to install industrial firewalls.)
  • Webpage: Security Capabilities
  • Webpage: EAGLE One Security Router

The Dragonfly Cyber Security Attacks

Deep Packet Inspection

  • Download webpage: Technical Briefing Kit "Understanding Deep Packet Inspection for SCADA Security"
  • Blog: "New SCADA Security Flaws Part 2: DPI Firewalls an Important Part of the Solution"
  • Blog: "Introducing the Next Generation Tofino Cyber Security Solution"

Industrial Cyber Security Big Picture

BYOD

  • Blog: What the BYOD Controversy Can Teach Us about Good SCADA Security Policy

