Connect with us

Its123.com

Technology How to make critical infrastructure safer—there’s a long way to go


Technology

Technology How to make critical infrastructure safer—there’s a long way to go

ars frontiers — At Ars Frontiers, Lesley Carhart spoke about the systems that make our world work. Sean Gallagher – May 31, 2022 5:55 pm UTC Making critical infrastructure safer at Ars Frontiers. Click here for transcript. In the run-up to Ars Frontiers, I had the opportunity to talk with Lesley Carhart, director of Incident…

Technology How to make critical infrastructure safer—there’s a long way to go

technology news

ars frontiers —

At Ars Frontiers, Lesley Carhart spoke about the systems that make our world work.


Making critical infrastructure safer at Ars Frontiers. Click here for transcript.

In the run-up to Ars Frontiers, I had the opportunity to talk with Lesley Carhart, director of Incident Response at Dragos. Known on Twitter as @hacks4pancakes, Carhart is a veteran responder to cyber incidents affecting critical infrastructure and has been dealing with the challenges of securing industrial control systems and operational technology news (OT) for years. So it seemed appropriate to get her take on what needs to be done to improve the security of critical infrastructure both in industry and government, particularly in the context of what’s going on in Ukraine.

Much of it is not new territory. “Something that we’ve noticed for years in the industrial cybersecurity space is that people from all different organizations, both military and terrorists around the world, have been pre-positioning to do things like sabotage and espionage via computers for years,” Carhart explained. But these sorts of things rarely get attention because they’re not flashy—and as a result, they don’t get attention from those holding the purse strings for investments that might correct them.

As a result, Carhart said, organizations aiming to benefit from the exploitation of industrial technology news have spent years “trying to build their capacity so that when a geopolitical situation arose that it would be fruitful for them to do so, [they would] be able to attack infrastructure systems using cyber.”

An example of these capabilities is Pipedream, “a collection of tools that could be used to potentially intrude into industrial control systems and cause an impact to certain types of systems,” Carhart noted. Pipedream was uncovered by security professionals before it could be used to do damage, but it demonstrates that “people are pre-positioning to do things in the future,” Carhart said. “They have learned over the years, and certainly over the last couple of months, that sabotage, espionage, and information operations can be incredibly valuable as an element to traditional warfare… to demoralize enemies, sow confusion and dissent, and also impact the critical services that a civilian population uses while they’re also dealing with an armed conflict.”

Much is being done by people trying to defend industrial networks, and there’s a great deal of work being done to improve the security of industrial systems and prepare for trouble. But, “some industries are much more well-resourced than others” for those tasks, Carhart noted. Municipally owned utilities aren’t on the same footing resource-wise as large corporations with vast cybersecurity resources. The US’s Cybersecurity and Infrastructure Security Agency and other organizations are trying to help provide resources needed by municipal and other smaller utilities. But just how much CISA can do going forward to protect these organizations and other state and local providers of critical infrastructure is an open question.

Real Life. Real News. Real Action

Zillion Things Mobile!

Read More-Visit US

Operational technology news has a much longer life cycle than “normal” IT. We talked about what that means, both from the standpoint of securing existing OT and finding the people to do the critical work to establish and maintain that security. While some improvements are coming to security as Windows 10 makes its way into embedded systems and other OT, Carhart said, “we’ll probably be seeing Windows 10 for another 30 years in those environments”—and along with it, many of the security challenges IT has been facing down for years already.

Listing image by gremlin / Getty Images

Subscribe to the newsletter news

We hate SPAM and promise to keep your email address safe

Continue Reading
You may also like...

Top News

News Report: WWE boss McMahon’s hush cash bill over $12 million – Business News – Castanet.net

World News

World News Report: WWE boss McMahon’s hush cash bill over $12 million – Business World News – Castanet.net

By July 15, 2022
News McMahon paid over $12M in hush cash – CP24 Toronto’s Breaking News

World News

World News McMahon paid over $12M in hush cash – CP24 Toronto’s Breaking World News

By July 15, 2022
News This UPS is built for your inner gamer and it’s on sale for Prime Day

World News

World News This UPS is built for your inner gamer and it’s on sale for Prime Day

By July 15, 2022
News It’s not true that everyone’s got a book in them: give writing back to the writers | Stephanie Merritt

World News

World News It’s not true that everyone’s got a book in them: give writing back to the writers | Stephanie Merritt

By July 15, 2022
News Behold the gameplay for Lord of the Rings: Gollum, precious

World News

World News Behold the gameplay for Lord of the Rings: Gollum, precious

By July 15, 2022

Popular Posts

News Report: WWE boss McMahon’s hush cash bill over $12 million – Business News – Castanet.net

World News

World News Report: WWE boss McMahon’s hush cash bill over $12 million – Business World News – Castanet.net

By July 15, 2022
News McMahon paid over $12M in hush cash – CP24 Toronto’s Breaking News

World News

World News McMahon paid over $12M in hush cash – CP24 Toronto’s Breaking World News

By July 15, 2022
News This UPS is built for your inner gamer and it’s on sale for Prime Day

World News

World News This UPS is built for your inner gamer and it’s on sale for Prime Day

By July 15, 2022
News It’s not true that everyone’s got a book in them: give writing back to the writers | Stephanie Merritt

World News

World News It’s not true that everyone’s got a book in them: give writing back to the writers | Stephanie Merritt

By July 15, 2022
News Behold the gameplay for Lord of the Rings: Gollum, precious

World News

World News Behold the gameplay for Lord of the Rings: Gollum, precious

By July 15, 2022
To Top