Have you been feeling "cyber security breach fatigue?" We don't blame you. Cyberattacks or employee errors that cause disruption and revenue losses to industrial and critical infrastructure organizations are particularly popular in news media today. That's partly because a successful disruption within critical infrastructures can cause physical consequences that get the public's attention.

Over the past decade or more, the need for cyber security in industrial automation and control systems has been accelerating at an ever-increasing rate. Adoption of the benefits of commercial off-the-shelf and open technologies, awareness of the systems, exposure of the systems and precedents set by previous attacks have all contributed to the increase. The advent of the Industrial Internet of Things (IIoT) pushes this even further, with the increased uptake and reduced cost of powerful computing technologies like cloud, virtualization, shared networks and so on.

In June 2017, researchers disclosed a new family of sophisticated malware that is designed to target and disrupt industrial control systems (ICS) in power grids, specifically electric utility substations. CRASHOVERRIDE (aka Win32/Industroyer) offers modules that use standard industrial protocol communications and can directly control switches and circuit breakers within Remote Terminal Units (RTUs) in substations.

Petya ransomware surfaced publicly in June 2017, starting first in the Ukraine, rapidly moving to Europe and now into the United States. This global ransomware epidemic will not only encrypt your systems – essentially denying you access to everything it holds – it also “wipes” (overwrites) the hard drive master boot record (MBR) so that it cannot boot up its operating system. Without a backup, your system is dead and all the data lost. Some researchers believe even if the Bitcoin ransom were paid and keys obtained, they would not work to decrypt and restore your systems.

If you’re following industrial cyber security trends you know that industrial networks, endpoints and control systems typically have inherent weaknesses that make them insecure and vulnerable to compromise through digital methods. With 5.6 million newly connected devices added per day in 2016 and an estimated 21 billion online by 2020, these current growth trends only increase the potential attack surface within industrial automation and process control environments.