U.S. seeking to build international unity around cyberdefense for industrial control systems

SAVANNAH, Ga. — In the interests of thwarting cyberattacks on critical infrastructure such as energy, water and manufacturing, the Department of Homeland Security (DHS) is quietly reaching out to other governments around the world to find what problems may exist elsewhere and what research can be shared to improve industrial control systems (ICS).

Security of industrial control systems questioned at DHS conference

In a closed-door meeting today following a conference, ICS-CERT, the DHS division that investigates cyberattacks against ICS that control critical water and electricity supply, convened with representatives from other nations with similar concerns. The event, called “ICSJWG 2012 International Partners Day,” is part of an effort to share information and ideas behind closed doors on cybersecurity planning going on around the world to prevent and respond to any attacks against ICS and Supervisory Control and Data Acquisition (SCADA) networks that everywhere are used to control gas and oil pipelines, public water supplies, manufacturing processes, electricity production, and more, such as elevators and boiler systems.

The goal of the meeting, according to one high-level official involved, is to provide a forum to discuss problems and to align various control-systems cybersecurity initiatives around the globe, if possible. In addition, it may be possible to “divide up some challenges,” such as coordinating research and training. Today’s meeting wasn’t the first of its kind, but part of an ongoing effort.

The participants included representatives from Japan, Israel and Europe, among others. Scheduled cybersecurity briefings included one from the IT security policy director from the Japan Ministry of Economy, Trade and Industry, Commerce and Information Policy. The European Commission’s Information Society and Media Directorate-General, Network and Information Security Unit, Deputy Head of the Internet, was also on tap to discuss cybersecurity. A briefing on the European SCADA and Control Systems Information Exchange was scheduled as well. In addition to U.S. officials from ICS-CERT, a representative from the Electricity Sector Information Sharing and Analysis Center were tapped to present the U.S. perspective.

Cyberattacks on U.S. critical infrastructure are seen to be on the rise, with ISC-CERT just this week taking the somewhat unusual step of issuing an alert about ongoing cyberattacks on the gas pipeline industry and publicly discussing the situation during the ICSJWG 2012 Spring Conference. The ICSJWG conference included process-control specialists from utilities and manufacturing, ICS vendors, consultants and DHS officials in a program that allowed for candid views and ardent debate on security issues in today’s ICS.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.

Read more about wide area network in Network World’s Wide Area Network section.