Describe threats to ICS.
Description may include threats such as
- ICS-specific malware (e.g., Stuxnet, Havex, BlackEnergy 3, CrashOverride, and Triton)
- physical security access
- supply chain
- social engineering.
Teacher Resources:
- Open Web Application Security Project (https://www.owasp.org/index.php/Main_Page Links to an external site.)
- Richard Clarke Keynote (Video) (https://youtu.be/Dtesjn9s_PU
Links to an external site.
) - Understanding Threats will Promote the "Right Amount" of Security, General Electric and Dragos (https://dragos.com/wp-content/uploads/SecIndSys_RightSecurity_GEDragos.pdf Links to an external site.)
Process/Skill Questions:
- What was new about Stuxnet?
- What is social engineering?
- Why is physical security part of cybersecurity?