Our firm recently partnered with the University of Southern Maine Department of Engineering faculty and students to develop and execute an interactive substation cybersecurity demonstration, during which participants experienced real-time attack scenarios. Throughout the semester, the dual testing/training lab environment was established to explore potential cyberattacks against power grid transmission systems.
Ultimately, several potential attack scenarios were developed and presented as part of a live demonstration that took place on April 26, 2018, at the Maine Cyber Security Cluster in Portland. The scenarios included real-world threat vectors, including watering hole, spear phishing and ransomware attacks. These scenarios were executed in real-time, with both the attacker and the target point of view being shown across multiple screens. Frequent breakouts were held to explain each scenario and to discuss ways to better guard against each step of the attack process.
This demonstration was intended to help compliance, physical/cybersecurity, IT professionals and project managers actively identify ways to improve their processes and environments through an attacker's perspective. During this presentation, attendees experienced real-time attack scenarios demonstrated in a secure development environment, and learned how their existing systems, methods and procedures may be vulnerable to attacks in ways they may not have previously considered.
Here are three key takeaways from the program to keep in mind when considering secure practices:
- Be careful what information you share, because things you might not even expect to be usable information on social media could facilitate an attack.
- In general, processes can be weaker during construction and commissioning phases, creating an opportunity for an attacker to exploit. Be diligent during these project phases.
- Be careful with email links or attachments, even from trusted sources, and always be cautious before opening them.