Security Experts:

Connect with us

Hi, what are you looking for?



Overhyped Media Reports Bad For ICS Security: Experts

Overblown media reports describing critical infrastructure incidents can have a negative impact on cybersecurity in the industrial control systems (ICS) sector, experts have warned.

Overblown media reports describing critical infrastructure incidents can have a negative impact on cybersecurity in the industrial control systems (ICS) sector, experts have warned.

The number of attacks aimed at ICS has reportedly increased in the past year and several incidents have been disclosed to the public. However, some of the mainstream media reports covering these attacks have been sensationalized or inaccurate.

For instance, reports of an incident involving the Burlington Electric Department in Vermont initially led the public to believe that the electric grid was breached, when in reality only a computer that was not connected to the grid was affected. In some cases, such as the attack targeting a small dam in New York, overhyped reports are fueled by statements made by representatives of the government.

SecurityWeek has reached out to several industrial security companies and some believe that media reports can have a positive impact on ICS security, especially when it comes to raising awareness, but only if the reports are accurate.

“Reporting on these types of incidents is a very good thing, if and only if the reporting is accurate and objective,” said Lane Thames, software development engineer and researcher at Tripwire. “Awareness is very important here. However, there is too much reporting hype in our industry, so sensationalized reporting is a very bad thing.”

SAVE THE DATE: ICS Cyber Security Conference | Singapore – April 25-27, 2017

Robert M. Lee, CEO and founder of Dragos, Inc., is also convinced that overblown reports can have a negative effect.

“It is common for folks to want to believe that a bit of hype or sensationalism will help encourage folks to invest more in security, but it often has one of two negative impacts,” Lee said. “Either the company invests resources in security to fight off the hyped threat, which means that the resources are not focused on the real threats, or the company gets fatigue from the hyped stories and decides to not invest at all.”

Eddie Habibi, CEO of PAS, agrees and believes there is a “quiet desperation” to report on incidents disclosed to the public.

“Unfortunately, when we cry wolf on minor incidents, such as the Vermont laptop infection, it becomes harder and harder for critical infrastructure companies to discern what the real threats are. Focusing on real, confirmed risks allows industry to make better, more targeted investment decisions,” the expert said.

Stephen Ward, senior director at Claroty, believes the key is collaboration between the media and the industry.

“Raising awareness of ICS security is always a good thing – especially given how far behind ICS security is in comparison to IT…that said, when these conflations occur it has the dual effect of raising awareness on the one hand and then ‘writing off’ the seriousness when the conflation is realized,” Ward said. “Better understanding across the board is required – we’re happy to be helping drive that with our friends in the media.”

Related: Exploring Risks of IT Network Breaches to Industrial Control Systems

Related: The Role of Asset Management in ICS Network

Related: What’s Ahead for ICS Cyber Security in 2017

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.