Airports and nuclear power plants in the US and UK are on alert for cyber-attacks after governments in both countries issued alerts.
In addition to intelligence that prompted the US to ban laptops and other devices in passenger cabins of certain airlines to thwart terrorists attempting to bring explosives on board, the Telegraph reported that officials worried that bad actors might also attempt cyber-attacks on airports and nuclear facilities.
“The original warning to nuclear stations was published in the government's five-year Civil Nuclear Cyber Security Strategy back in February, and you can be assured that the recommendations have not been ignored,” Edgard Capdevielle, CEO of Nozomi Networks said in comments emailed to SC Media. “That said, visibility of critical infrastructure is often easier said than done as security in nuclear power plant control systems is bolted on rather than designed in.”
The configurations, which are “cumbersome and often manual,” Capdevielle said, “don't naturally fit with the complexity of industrial installations that were never designed to be connected to the outside world.”
While connectivity can't be reversed, he called for “a solution needs to be reached that can provide modern protection for these legacy systems.” Machine learning and artificial intelligence may hold the key, Capdevielle said, allowing for “a complex industrial network and its physical processes” to be built.
“Thankfully, in the most part, control system traffic is predictable so establishing a baseline of ICS network communications, then conducting active monitoring that looks for anomalies, means anything that detracts from expected behavioural patterns identifies malicious or unintentional process impacts/disruptions that require urgent investigation,” he said.