Public utility systems are vulnerable to cyber attack

Public utility systems are now connected to the Internet for easy monitoring. Which means, hackers can turn off water to an entire city. Malware can cause a blackout for an entire country. Imagine a nation without any gas. Water, power, gas, traffic systems, dams are all at risk of unauthorized access in today’s networked world.

U.S Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) an Incident Response Activity report, which states that, a ‘sophisticated threat actor accessed the control system server’. Apparently, the device was directly connected to the Internet and was not protected by a firewall or authentication access controls. This is truly alarming.

Here is a summary of vulnerabilities detected on public utility industrial control systems in 2013 as described in the report:

Authentication – 33%
Denial of Service – 14%
Protocol Vulnerability – 7%
Remote Code Execution – 3%
SQL Injection – 3%

Public utility systems – especially the ones connected to the Internet – must be protected from malware and intrusion. Failure to do so will affect millions with disastrous consequences.

Here’s how public utility systems can be protected:

  • Use a Cloud-based security solution where the management console is hosted on the Cloud. This provides additional security since the console is secure and is always isolated from the physical network of managed computers.
  • Use a System Restore solution. Any malware is removed upon reboot. Make sure the solution is supported on Server operating systems as well.

ICS-CERT also published a document that details the recommended practice for securing industrial control systems. The document ‘Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies’ highlights the importance of Intrusion Detection Systems for securing industrial control systems.

Are your public utility systems protected? Evaluate the security needs for your public utility systems and implement security strategies before it’s too late!

About The Author

Sri Raghu

Sri writes the user documentation for Faronics’ products. He likes to try out different apps on his computers and smartphone. He reads too many articles on the future of technology, which makes him extremely paranoid about where technology might be going!

Sign Up For A 30-Day Trial


Deep Freeze Enterprise

Centralized deployment and management as well as a host of configuration options for the Enterprise.

  • This field is for validation purposes and should be left unchanged.

Ready to find out more about Faronics? Let us know how to reach you.

We're here to help you in any way possible.