Cyberattack: Spanish Radiation Alert System
Two people have been detained, according to Spain's law enforcement, in relation to a cyberattack on the Spanish radiation alert system that occurred between March and June 2021.
More than one-third of the sensors that the Directorate-General for Civil Protection and Emergencies uses to detect high radiation levels around the nation are reportedly malfunctioning as a result of the act of sabotage. The reason for the attacks is not known.
The official statement from the Policía Nacional (Spanish national police):
“The two detainees, former workers, attacked the computer system and caused the connection of the sensors to fail, reducing their detection capacity even in the environment of nuclear power plants.”
The RAR network, a grid of 800 gamma radiation sensors placed around the nation to detect spikes in radioactivity levels, was attacked in June 2021, prompting the start of the law enforcement investigation known as Operation GAMMA.
According to further investigation by the agency, the breach had two parts, the first of which involved illegal access to the computer system of the control centre and the deletion of a web application used to administer the RAR system.
As part of the assault, more than 300 sensors were targeted over a period of two months. Preventing these sensors from connecting to the control centre reduced the network's ability to identify threats.
Experts Suggest That Industrial Internet of Things (IIoT) Devices Remain Vulnerable To Cyberattacks
Simon Chassar, CRO at Claroty, explains that this cyberattack, which left an entire nation vulnerable to catastrophic disasters, is exactly why Industrial Internet of Things (IIoT) devices deserve a lot more attention and focus than they receive.
“Whilst it’s great to see that the Spanish police took the cyberattack against the country’s radioactivity alert network (RAR) extremely seriously, it should also serve as a stark reminder of the need to secure cyber-physical devices within the critical infrastructure industry,” Simon says.
The two suspects attacked control sensors one at a time in an effort to disrupt the organization's activities as much as they could. Cyber-physical devices, such as Internet of Things (IoT) devices and Industrial IoT (IIoT) devices, are sometimes not designed with security in mind, which leaves them open to a range of flaws that ill-intentioned people might exploit. According to recent data, cyber-physical systems accounted for 34% of the vulnerabilities reported in the second half of 2021.
Simon further stated: “In order to close these security gaps, security teams must have full visibility across all the devices on their networks, including both IT and OT (operational technology) as well as any connected devices, and start patching or implementing security controls where urgent. It is also fundamental that networks are segmented with asset class network policies to restrict unnecessary connectivity, ultimately limiting the movement of malware and mitigating the impact of cyber attacks. Unfortunately, the systems that run the world are a prime target for hackers looking to cause disruption, so it’s vital that critical infrastructure organisations prioritise security across their entire environment.”