BAS – Bringing light to dispel the darkness of hackers
Experts recommend companies to deploy Breach and attack simulation (BAS)- a method to keep the system safe and secure at an appropriate cost. Big challenge for utility service providers Keysight Technologies vice president of security solutions, Mr. Scott Register has just published an article “Ghosts inside machines: Bringing light to dispel the darkness of hackers” discussing the safety and security of the industrial control system devices.
Scott Register said, the US Cybersecurity Infrastructure and Security Agency (CISA) recently issued 15 advisory documents for industrial control systems – systems that ensure the operation of the electric factory, production facilities, water and energy supply systems. Most of the contents in these advisory documents points to sophisticated external actors who have carried out widespread intrusions against targets in the US, especially utility systems such as electricity, water and government agencies.
Emphasizing that security is a huge challenge for companies providing utilities, Keysight analyzed that the number of security staff at these businesses is not enough; even in practice, these businesses may not have a dedicated security team. IT and security teams have to monitor multiple locations from a single screen, with no staff at the current field.
The GAO’s report also indicates that the context of the pandemic forcing workers to work from home, remote access control and monitoring systems are increasingly being used to control system operations. Remote control and monitoring systems extend the system’s vulnerable surface, creating an attractive point for attackers to exploit.
Security approach with minimal investment
Explaining the question “How should enterprises providing electricity, water and other industrial control systems respond to ensure the security of their essential network systems in limited human and finacel resources? “, Mr. Scott Register said, companies need to effectively apply the principle of “Zero Trust”.
The “Zero-Trust” principle implies that devices should not be trusted by default and always assume that any device or user can be a malicious one. That mean, the device may have been infected with malicious code and the remote user may not have declared their real identity.
However, the full implementation of Zero-Trust can be quite expensive and inconvenient, exceeding the budget and technology capacity of enterprises. To overcome these difficulties and start implementing Zero-Trust with minimum investment of time and resources, enterprises can apply the “Breach and Attack Simulation” (BAS).
BAS is a two-pronged approach: Best efforts to prevent network intrusions; Be aware that the network is vulnerable and always ready to respond. As a result, companies can quickly identify and fix vulnerabilities in the system and answer questions such as: can an email security system prevent malicious emails; can peripheral security protocols prevent malicious code from being downloaded to the system; If malicious code has entered the network due to supply chain breaches or other failures, can the malware spread across the network…
Read more about BAS technology with Picus solution here: https://www.picussecurity.com/
PAMA – the official distributor of Picus in Vietnam
Dịch giả: Nguyễn Thùy Trang