Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Overhyped Media Reports Bad For ICS Security: Experts

Overblown media reports describing critical infrastructure incidents can have a negative impact on cybersecurity in the industrial control systems (ICS) sector, experts have warned.

Overblown media reports describing critical infrastructure incidents can have a negative impact on cybersecurity in the industrial control systems (ICS) sector, experts have warned.

The number of attacks aimed at ICS has reportedly increased in the past year and several incidents have been disclosed to the public. However, some of the mainstream media reports covering these attacks have been sensationalized or inaccurate.

For instance, reports of an incident involving the Burlington Electric Department in Vermont initially led the public to believe that the electric grid was breached, when in reality only a computer that was not connected to the grid was affected. In some cases, such as the attack targeting a small dam in New York, overhyped reports are fueled by statements made by representatives of the government.

SecurityWeek has reached out to several industrial security companies and some believe that media reports can have a positive impact on ICS security, especially when it comes to raising awareness, but only if the reports are accurate.

“Reporting on these types of incidents is a very good thing, if and only if the reporting is accurate and objective,” said Lane Thames, software development engineer and researcher at Tripwire. “Awareness is very important here. However, there is too much reporting hype in our industry, so sensationalized reporting is a very bad thing.”

SAVE THE DATE: ICS Cyber Security Conference | Singapore – April 25-27, 2017

Robert M. Lee, CEO and founder of Dragos, Inc., is also convinced that overblown reports can have a negative effect.

“It is common for folks to want to believe that a bit of hype or sensationalism will help encourage folks to invest more in security, but it often has one of two negative impacts,” Lee said. “Either the company invests resources in security to fight off the hyped threat, which means that the resources are not focused on the real threats, or the company gets fatigue from the hyped stories and decides to not invest at all.”

Advertisement. Scroll to continue reading.

Eddie Habibi, CEO of PAS, agrees and believes there is a “quiet desperation” to report on incidents disclosed to the public.

“Unfortunately, when we cry wolf on minor incidents, such as the Vermont laptop infection, it becomes harder and harder for critical infrastructure companies to discern what the real threats are. Focusing on real, confirmed risks allows industry to make better, more targeted investment decisions,” the expert said.

Stephen Ward, senior director at Claroty, believes the key is collaboration between the media and the industry.

“Raising awareness of ICS security is always a good thing – especially given how far behind ICS security is in comparison to IT…that said, when these conflations occur it has the dual effect of raising awareness on the one hand and then ‘writing off’ the seriousness when the conflation is realized,” Ward said. “Better understanding across the board is required – we’re happy to be helping drive that with our friends in the media.”

Related: Exploring Risks of IT Network Breaches to Industrial Control Systems

Related: The Role of Asset Management in ICS Network

Related: What’s Ahead for ICS Cyber Security in 2017

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...