New Portal Launched For ICS/SCADA Threat Intelligence-Sharing Among Nations

  /     /     /  
Publicated : 22/11/2024   Category : security


New Portal Launched For ICS/SCADA Threat Intelligence-Sharing Among Nations


The EastWest Institute teamed up with the US ICS-ISAC to create a platform for critical infrastructure operators worldwide to share threat data.



In the aftermath of the unprecedented cyberattack that led to a blackout in Ukraine last December, members of the US ICS-CERT team flew to Kiev to get debriefed by their Ukrainian counterparts. It was a crucial information-gathering trip as well as a reality-check for US critical infrastructure operators, according to US Department of Homeland Security officials, that such an attack could be pointed at power grids anywhere in the world.
The Ukraine power grid attack--although obviously targeted--“punctuated” the global nature of cyber threats in the ICS/SCADA community, says Chris Blask, chair of the ICS-ISAC, the US-based industrial control system/SCADA threat intelligence-sharing group.
Connecting power utilities and other critical infrastructure operators all over the world is the latest weapon in protecting these systems: a new portal launched this week by the ICS-ISAC and the nonprofit EastWest Institute (EWI) lets the critical infrastructure sector share and gather information from their counterparts in other nations.
The EWI Information Sharing Community portal is based on the Facebook At Work collaboration platform, and initially is being used for sharing threat information, best practices, lessons learned, and other information. It ultimately will be built out to share more sensitive threat intel including indicators of compromise such as malware markers or malicious IP addresses associated with an attack suffered by a power plant, for example.
“It’s [about] global situational awareness,” Blask says. “If something happens, you have a space where you an reach out and have people help ... as opposed to Google [searches] and a phone call.”
Blask says while groups such as the ICS-ISAC are open to international members, it’s still a US-based entity, so the new portal backed by EWI provides a more global connection for ICS/SCADA operators and interests. “They are using this platform for building [online] groups and communities,” he says, and ultimately, it will be built out for real-time, machine-readable threat intel feeds via the STIX (Structured Threat Information Expression) and TAXII (Trusted Automation Exchange of Indicator Information) protocols, he says.
A few hundred users have signed up so far, and the portal includes public and private areas, much like other threat intel-sharing portals. Among the early adopters are law enforcement groups, ICS vendors and ICS operators, and research and academic institutions, from around the world.
“We started with the premise that we might have a better chance at securing critical  infrastructure individually if we looked at it globally,” says Tom Patterson, chair of a group on strengthening critical infrastructure resilience and preparedness that launched the initiative. “We got great response from all over the world ... It encouraged us to create a global information exchange in a trusted forum. It’s a way for them to share information among themselves on threats and counter-measures.”
Patterson, who is vice president and global security leader for Unisys, says the EWI Information Sharing Community is not technically a global ISAC or ISAO for ICS/SCADA, but more of a place for public and private sector operators of critical infrastructure, different nations ISACs, and government agencies to collaborate.
Kenya’s ICT Secretary at its Ministry of Information Communication and Technology, in a statement said her nation plans to participate. Kenya is taking an active role in addressing cybersecurity risks. We welcome this opportunity to share lessons learned with others in the global critical infrastructure community,” ICT secretary Katherine Getao said.
The ICS-ISAC has set up a 
registration page
for the new portal.
Related Content:
Lessons From The Ukraine Electric Grid Hack
How Incident Response Fails In Industrial Control System Networks
Anatomy Of A Cyber-Physical Attack
Using Free Tools To Detect Attacks On ICS/SCADA Networks
 
Find out more about
security threats
at Interop 2016, May 2-6, at the Mandalay Bay Convention Center, Las Vegas.
Click here
for pricing information and to register.

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
New Portal Launched For ICS/SCADA Threat Intelligence-Sharing Among Nations