https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2022 Winter Showcase
    • IWCE 2023 Pre-event Guide
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • IWCE 2023 Pre-event Guide
    • IWCE 2022 Winter Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Security


Partner content

5 key lessons from ICS attacks through the ages

5 key lessons from ICS attacks through the ages

  • Written by Corey Nachreiner / Dark Reading
  • 6th August 2021

Imagine it’s 1903 and you’re standing in front of a large hotel on a remote peninsula cliffside in Poldhu (Cornwall, UK). Despite the large antennas next to it or the huge kite that sometimes flies antennas even higher, you might not realize you are looking at the site of historic wireless telegraph communications — or the victim of the first wireless cyberattack. Guglielmo Marconi, an Italian credited as the inventor of radio and the father of wireless, was about to wirelessly transmit a telegraph message 300 miles away to the Royal Academy of Science in London. Before Marconi could start his message, the receiving apparatus tapped out another Morse code dispatch coming from a stronger radio signal:

“Rats… Rats… Rats… Rats.”

More nasty messages aimed at Marconi soon followed. As it turned out, a wired telegraph company hired Nevil Maskelyne, a British magician and fellow radio hobbyist, to disrupt Marconi’s demo, proving in the process that open radio communications are not “secure and private” channels.

According to the Department of Energy’s (DOE) History of Industrial Control System Cyber Incidents report, this was one of the first recorded “cyber” attacks on an industrial control system (ICS). While wireless telegraphy hadn’t quite been “industrialized” yet, this incident still demonstrated the potential risk posed by critical ICS that society relies on.

ICS are the computers — sometimes very specialized — that control the operation of industrial technology found in energy plants, water and gas utilities, communication infrastructure, and manufacturing. ICS also includes supervisory control and data acquisition (SCADA) systems, which are the computers that remotely monitor and control ICS operational technology (OT).

While ICS equipment is often very specialized, it can suffer the same software and hardware vulnerabilities that afflict traditional computers. Security experts have long warned that hackers would target ICS, and incidents like the recent Colonial Pipeline ransomware attack prove that point (something many observers, including WatchGuard, predicted years ago). More concerningly, successful ICS attacks have accelerated in frequency and impact over the last five years.

However, we can protect these systems, especially if we learn from history. Here are five key security lessons we have learned from past ICS attacks:

1. Insiders Threaten Even the Most Secured Systems
In 2008, Maroochy Water Services (MWS) in Queensland, Australia, started suffering wastewater pump failures, resulting in the unplanned release of over a million gallons of untreated sewage. These failures happened without any faults or alarms going off. In the end, it turned out a disgruntled contractor had stolen computer and radio equipment and was sabotaging these pumps as revenge for not receiving a permanent position.

Protecting yourself from malicious insiders can be hard but having strong asset management controls and processes for quickly revoking the privileges of ex-employees can help. As an extra lesson, MWS also realized its equipment’s wireless radio communications were not encrypted. If you are going to use a publicly accessible communication medium, you must secure and encrypt it.

To read the complete article, visit Dark Reading.

 

Tags: Alerting Systems Applications Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Incident Command/Situational Awareness Internet of Things Internet of Things Interoperability IoT/Smart X News Policy Public Safety Security Software State & Local Government Subscriber Devices System Design System Operation Tracking, Monitoring & Control Training Partner content

Most Recent


  • Industrial Inspection robot dog gets upgrade; humanoid robot video released
    Unitree Robotics has released a new version of its quadruped robot, Unitree B2, for industrial inspection use cases. The new robot design has lidar for obstacle detection and navigation, a standing payload of around 264 pounds and a battery life of four to six hours. In a video demonstration, the new robot is shown climbing […]
  • Five takeaways from the House FCC oversight hearing
    The House Energy & Commerce Committee held an FCC oversight hearing on Thursday, with a “Biden broadband takeover” theme, focusing largely on Republican concerns with the FCC’s efforts to reinstate Title II and enact digital discrimination rules. The hearing also covered the FCC’s lapsed spectrum authority and the Biden administration’s spectrum policy, as well as funding shortfalls […]
  • Sorond named NextNav's CEO to pursue location services, 5G
    Mariam Sorond, a wireless executive who previously worked at companies including VMware, CableLabs and Dish Network, will take over the CEO role at NextNav, the company announced. “Having devoted my career to advancing and commercializing innovation in technology, I am thrilled to continue this journey at the helm of NextNav,” Sorond said in a release. “I […]
  • Cyberattack on Pennsylvania Water Authority disrupts OT gear
    This past weekend, the Aliquippa Municipal Water Authority, located in Pittsburgh, experienced a cyberattack after one of its booster stations was hacked by an Iranian-backed cyber group.  The threat group, known as Cyber Av3ngers, hacked a system known as Unitronics, which has components that are Israeli-owned. The technology that monitors water pressure at the station […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • FragAttacks foil two decades of wireless security
  • Why supply-chain attacks are destined to escalate
  • Trying to apply ethics to driverless technology
  • 5 key lessons from ICS attacks through the ages
    Newscan: U.S. Senate bill seeks to require anti-drunk-driving vehicle tech

Commentary


Land mobile radio (LMR) systems are just as vulnerable to cyberattacks as any other networks used in the public-safety sector. Here’s what to do about it.

  • 1
7th November 2023

September 3GPP Plenary meetings feature Release 18 progress, Release 19 beginnings

13th October 2023

Better technology can help solve the public-safety staffing crisis

26th June 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.