Recent and ongoing global conflicts have led to a significant increase in cyber threat activity. Here are three quick system checks you can do today.

The Canadian Centre for Cyber Security and the US Cybersecurity & Infrastructure Security Agency (CISA) have started releasing alerts. CISA strongly recommends that all critical infrastructure (CI) organizations review their cyber posture to reduce their attack surface.

As a starting point, ICI Electrical Engineering recommends the following:

  1. Check the status of backups for relevant control and SCADA systems, including historian data and the age of each backup.
  2. Review your Disaster Recovery plan and update your list of contacts relevant to sustaining operation of your facilities.
  3. Check visibility in your OT network. Do you know what is attached or who is actually on your OT network? 
  4. Patching is not the top priority. Activate logging on your network and ensure that the logs are being reviewed and stored in a safe location. 
  5. Do not share access credentials (e.g. do service providers or engineering support providers have generic logins to your network?).
  6. Who has access to your systems remotely and do you rely on Active Directory or management through IT? 
  7. Create a baseline for an operational system so that you can identify atypical behavior before it becomes an operational concern. 
  8. Review the operation of manual mode capabilities. 
  9. Review interconnections between IT and OT Systems.
  10. Enable multi-factor authentication (MFA) for existing remote access solutions where practicable.
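
One way to act on items 3 and 7 above, as an added example that is not ICI Electrical Engineering's own code: compare flow records captured during normal operation with a later capture and report unknown devices, new connections and devices that have gone quiet. The CSV layout, the addresses (documentation ranges) and the function names are assumptions constructed for the illustration.

```python
import csv
import io

# Constructed sample data: flow records as a passive OT network monitor might export them.
BASELINE_CSV = """src_mac,src_ip,dst_ip,dst_port
00:00:5e:00:53:01,192.0.2.10,192.0.2.20,502
00:00:5e:00:53:02,192.0.2.30,192.0.2.20,502
00:00:5e:00:53:03,192.0.2.40,192.0.2.30,1433
"""
OBSERVED_CSV = """src_mac,src_ip,dst_ip,dst_port
00:00:5e:00:53:01,192.0.2.10,192.0.2.20,502
00:00:5e:00:53:02,192.0.2.30,192.0.2.20,502
00:00:5e:00:53:02,192.0.2.30,192.0.2.20,3389
00:00:5e:00:53:99,192.0.2.77,192.0.2.20,502
"""

def load_flows(text):
    """Parse flow CSV into {mac: set of (src_ip, dst_ip, dst_port)}."""
    flows = {}
    for row in csv.DictReader(io.StringIO(text)):
        mac = row["src_mac"].strip().lower()
        flow = (row["src_ip"].strip(), row["dst_ip"].strip(), int(row["dst_port"]))
        flows.setdefault(mac, set()).add(flow)
    return flows

def compare(baseline, observed):
    """Return what differs from the baseline, grouped by kind of deviation."""
    findings = {"unknown_devices": [], "new_flows": [], "silent_devices": []}
    for mac, flows in sorted(observed.items()):
        if mac not in baseline:
            # Device never seen during normal operation (item 3: what is attached?).
            findings["unknown_devices"].append(mac)
            continue
        # Known device talking to a new peer or port (item 7: atypical behavior).
        for flow in sorted(flows - baseline[mac]):
            findings["new_flows"].append((mac, *flow))
    # Baseline devices that no longer appear may be offline or replaced.
    findings["silent_devices"] = sorted(set(baseline) - set(observed))
    return findings

def run_example():
    return compare(load_flows(BASELINE_CSV), load_flows(OBSERVED_CSV))

if __name__ == "__main__":
    for kind, items in run_example().items():
        print(kind, items)
```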

Additional Information and Links

Dragos – ICS Cybersecurity Year in Review 2021

Report a Cyber Incident (Canadian Centre for Cyber Security)

Canadian Centre for Cyber Security Alert 1 – Disruptive activity against Ukrainian organizations

CISA Alert – Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure

CISA Shields Up! – A catalog of free services to reduce the likelihood of a damaging cyber intrusion, take steps to quickly detect a potential intrusion, ensure that the organization is prepared to respond if an intrusion occurs and maximize the organization’s resilience to a destructive cyber incident.

It is ICI Electrical Engineering’s mission to secure critical infrastructure and enrich communities through the safe application of technology.