Cisco Blogs



Combating Cyber-Attacks Through Cyber Intelligence & Security: Part One

Hello and welcome to Part One of my new blog series discussing cyber intelligence and security around the critical infrastructure sectors in the U.S. Cyber-attacks are becoming increasingly prevalent and threatening to utilities, refineries, military defense systems, water treatment plants and other sectors of our critical infrastructure. Part One of this series details the dangers of cyber-attacks by state and non-state actors and how cyber intelligence can help organizations combat future cyber-attacks. Part Two will detail the role of data in cyber security and ways cyber intelligence can be gathered to further prevent attacks.

The New State of Cyber-Attacks

As technology advances, so will the number of cyber-attacks. Many companies play a vital role in their nation’s critical infrastructure, and these companies are adopting digital systems to replace older, analog controls. This digitization of technology is helping operators obtain remote visibility and control over operations, including processes in refineries, the generation and transmission of power in the electrical grid, and the temperatures in nuclear cooling towers. In doing so, industrial facilities have become more efficient and productive.

However, the same digital hyper-connectivity that facility managers use to collect data and control machines and processes can also serve as an entry point for cyber attackers to get into system networks and steal or alter classified information, disrupt processes and cause damage to equipment. Many early control system breaches were random or accidental infections, but we’ve now entered a stage where kinetic attacks are becoming more prevalent, with industrial control systems becoming the object of targeted attacks.

Threats to a company’s information systems and assets could come from anywhere. State and non-state actors from around the globe are almost certainly targeting and possibly even penetrating the networks of energy providers and other critical infrastructures in the U.S. In effect, cyber criminals have a loose alignment (affiliation) with state actors, and these criminals are now beginning to use different methodologies, creating a huge challenge. Traditionally, we see malicious actions like zero-day attacks, Denial of Service (DoS) attacks (i.e., vulnerability attacks, bandwidth or connection flooding), stopping or delaying workflows, and SQL injections that help hackers exploit or steal data from organizations.


Mitigations Available for the DRAM Row Hammer Vulnerability

This blog post was authored by Troy Fridley and Omar Santos of Cisco PSIRT.

On Mar 9 2015, the Project Zero team at Google revealed findings from new research related to the known issue in the DDR3 Memory specification referred to as “Row Hammer”. Row Hammer is an industry-wide issue that has been discussed publicly since (at least) 2012.

The new research by Google shows that these types of errors can be introduced in a predictable manner. A proof-of-concept (POC) exploit that runs on the Linux operating system has been released. Successful exploitation leverages the predictability of these Row Hammer errors to modify memory of an affected device. An authenticated, local attacker with the ability to execute code on the affected system could elevate their privileges to that of a super user or “root” account. This is also known as Ring 0. Programs that run in Ring 0 can modify anything on the affected system.


AMP Threat Grid Empowers Law Enforcement to Fight Cybercrime

Recognizing the critical need for state and local law enforcement agencies to have state-of-the-art technologies to effectively fight digital crime, Cisco is creating the AMP Threat Grid for Law Enforcement Program. The program is designed to empower those working to protect our communities from cybercriminals with its dynamic malware analysis and threat intelligence platform.

Computers are central to modern criminal investigations, whether as instruments to commit the crime, as is the case for phishing, hacking, fraud or child exploitation; or as a storage repository for evidence of the crime, which is the case for virtually any crime. In addition, those using computers for criminal activity continue to become more sophisticated, and state and local law enforcement agencies struggle to keep up with their internal computer forensics / digital investigation capabilities. Malware analysis is also a critical part of digital investigations: to prove or disprove a “Trojan Defense” for suspects, wherein the accused rightly or falsely claims a malicious software program conducted the criminal activity and not the user; and to investigate unknown software and suspicious files on the computers of the victims of cybercriminal activity for evidence of the crime.


Challenges and Progress at the White House Summit on Cybersecurity


On February 13, I attended the White House Summit on Cybersecurity and Consumer Protection at Stanford University. President Obama, along with senior leaders spanning federal government, industry and technology sectors, law enforcement, consumer privacy advocates, and others convened to collaborate and build partnerships within the public and private sectors to further improve cybersecurity practices.

The keynote, panels and workgroup sessions covered a range of preeminent topics but the resounding theme from each was simple – everyone is online, therefore everyone is vulnerable. A comprehensive and collaborative effort from private and public sectors will be necessary to address these challenges. Sharing information in a safe, secure, confidential and reliable way will be a major factor in this coordinated approach.

Throughout the Summit, the key challenges were consistent –

  • The need for legislation to protect information sharing
  • Eliminate cross-industry barriers and establish partnerships
  • Liabilities created by the convergence of wireless & digital technology
  • Need to raise the security baseline for digital products and controls
  • Create stewardship for planning and management

This is a complex and changing environment, but it’s moving in the right direction. Several public-private partnerships exist today that are starting to address these challenges including the Electric Sub-sector Coordinating Council, Cyber Threat Alliance, Idaho National Laboratory and the Cyber Threat Intelligence Centre. Additionally, President Obama officially signed the Executive Order on Promoting Private Sector Cybersecurity Information Sharing while at the Summit and launched the BuySecure Initiative in November to help mitigate these risks.

Specifically within the utilities industry, there has been a consistent focus on reliability and safety, but modernizing the electric grid is an ongoing process. Cisco Secure Ops and Collaborative Operations are just a couple of the solutions addressing this industry evolution. In my next blog, I’ll address some of these cybersecurity exposures and how to leverage technology to reduce these risks.


Cisco Partner Weekly Rewind – February 20, 2015

Each week, we’ll highlight the most important Cisco Partner Ecosystem news and stories, as well as point you to important, Cisco-related partner content you may have missed along the way. Here’s what you might have missed this week:

Off the Top

It was quite a busy week on the Partner Blog. Hopefully you had a chance to read Sherri Liebo’s blog on how digital marketing has transformed the traditional marketing landscape. If not, be sure to check it out and take a look back at her super heroes posts from 2014 and how those particular marketing team members can lead the way as digital marketing continues to shift how we all work.

As we are getting ever closer to this year’s Marketing Velocity event, this blog is a nice look at how all our marketing efforts tie together and what “digital” is doing to all of us.

Intelligent Cybersecurity

Raja Sundaram had some insight into cybersecurity and how it affects your customers. He looked at changing business models, dynamic threats, and complexity and fragmentation. Branching out from there he pointed out how Cisco is offering up the products you need for your customers to tackle these tough security situations. It’s a great overview on security.
