Cyber Security

"Key cyber risks include cyberattacks that target inadequate security controls, outdated patches, and unknown vulnerabilities; social engineering attempts designed to gain operator credentials; and intrusions from insider threats. All such attempts could allow attackers to access critical control systems and disrupt or control physical components and processes."^[1]

"Separating controls systems from untrusted networks (known as air-gapping) may no longer be a sufficient security practice. Standardized hardware and communications protocols, the use of USB drives, and the need to deliver operational data into business systems all increase the risk of unintentional outside network connections."

"Process control system operators typically have limited experience to distinguish between a system anomaly and a cyberattack. Operators rely on hardware and software vendors, who may not routinely, rapidly, or adequately update and patch process control systems to address cyber vulnerabilities. Some systems must be taken down for updates and can only be patched during planned outages." ^[1]

Citations:

↑ ^1.0 ^1.1 Dams Sector-Specific Plan, U.S. Department of Homeland Security, 2015

Revision ID: 5650
Revision Date: 12/14/2022

[Dams_Sector-1] 1.0 ^1.1 Dams Sector-Specific Plan, U.S. Department of Homeland Security, 2015

[1]