The United States Computer Emergency Readiness Team (US-CERT) is the Department of Homeland Security’s (DHS) primary effort to contend with cyber security issues, disseminate threat information to public and private entities, and ensure Constitutional rights are respected in those efforts. US-CERT is subordinate to the DHS’s National Cybersecurity and Communications Integration Center (NCCIC) and monitors these threats on a 24-hour basis. US-CERT collects information on incidents and works with private and public partners that control industrial and commercial infrastructure to respond to incidents and reinforce U.S. security in the industrial realm. (US-CERT, 2014)
US-CERT Response to Stuxnet
When Stuxnet was found on a U.S. manufacturing company’s systems, US-CERT responded to the incident quickly. Specifically, the Industrial Control Systems division of US-CERT, known as ICS-CERT, reported that this virus, ostensibly created by a nation-state actor to affect Iran’s nuclear program, was found on thousands of other systems everywhere. When the U.S. facility was infected, ICS-CERT quickly deployed to coordinate the response on-site. While they were able to remove the virus from the hardware, the potential impact on our infrastructure, had Stuxnet confused hardware in our industrial complexes and critical resources, was grave. DHS reported that there was no damage to equipment at the site, but experts rail at the potential for danger from even these very targeted malware codes. (Farran, 2012)
In further examination of its role in protecting the homeland from this type of attack, US-CERT responded to an ever-increasing barrage of incidents year after year, deploying as they did in response to Stuxnet for a handful of those. US-CERT prioritizes those incidents with the greatest potential for harm and applies its effort there. (Farran, 2012)
Feasibility of ICS Technology in ‘Hot Sites’
In 2012, ICS-CERT went