15 April 2017
The Contingency Planning Memorandum No. 31 "A Cyberattack on the U.S. Power Grid", published by Robert K. Knake at the Council on Foreign Relations (CFR) in April 2017, illustrates very clearly how vulnerable critical infrastructures like the U.S. power grid are. This memorandum is really worth reading.
Ultimately, for effective protection of society in the event of a breakdown of the power grid, we need something like a nationwide operated ISMS, with hundreds of stakeholders from the private and public sector. This is a Herculean task in the U.S., and would need a miracle in Europe.
But the discussion of attack vectors is characterized by the traditional ISA 95 paradigm:
Regardless of which part of the power grid is targeted, attackers would need to conduct extensive research, gain initial access to utility business networks (likely through spearphishing), work to move through the business networks to gain access to control systems, and then identify targeted systems and develop the capability to disable them.
In the era of the IIoT, the network perimeter with all its highly sophisticated security controls no longer exists. For example, a lot of Industrial Control Systems are already connected directly to the internet today. With this, the effort required to attack critical infrastructures is decreasing, as is the likelihood of detection.
From my point of view, it is crucial to take this paradigm change into account in risk management.