Attackers will target U.S. power systems

industry trendsA hack on the Ukrainian power grid in late 2015 “blacked out more than 225,000 people,” according to Claims Journal, which described this type of attack as a “nightmare scenario for top U.S. officials.” They also reported that “U.S. Cyber Command chief Adm. Michael Rogers has previously warned that it’s not a matter of if, but when attackers will also target U.S. power systems.”

We have seen in the past that energy companies with low security posture have been denied a business insurance. I think this checks and balances system can help us to create a more secure power grid.

Many critical systems cannot be isolated

Digital business and the Internet of Things with cloud storage and processing will require the use of integrated systems. I think it is very hard for companies to isolate most systems from the Internet. We need to take another direction. More and more systems and data will be regarded as sensitive or critical. Systems will be increasingly connected. The traditional perimeter is gone and we can no longer isolate networks or systems; we need to instead protect the data itself.

We need to live with malware

Malware is increasingly harder to detect. We have seen payment processing systems infected with information-stealing malware. I’m concerned about highly sophisticated malware used in recent attacks, like those described by Claims Journal. McAfee Labs researchers have analyzed the threats and seen a steady growth in malware.

Malware tries to hide from its victims. Sophisticated malware can be difficult to detect and may even be signed by trusted (stolen) certificates. Signed malware, which poses as approved legitimate software, continues to set records and is increasing. Even if the malware is detected, it could be hard to notice in the noise from state of the art malware detection systems. Several major data breaches had this type of situation.

Please see my additional related reflections and recommendations about:

  • Securing enterprise identities
  • A shortage of IT security skills
  • Lowering the rising security costs
  • Reducing cost and time
  • The need for inventory of all sensitive data
  • Complying with increasing regulatory requirements.