What is critical infrastructure and how should it be protected
The U.S. government considers industrial control systems critical infrastructure, and many industries are now part of this designation. Examples include oil pipelines and refineries, water treatment plants, and electricity. Industrial control systems cybersecurity is being discussed more and more because of the increased vulnerability of these systems to cyberattacks.
There are various ways that industrial control systems can be protected from cyberattacks:
– Introduce strong, multipart passwords.
– Implement intrusion detection and prevention .
– Use network access control.
– Use an “air gap.”
A strong password is a password that is difficult to guess, generally consisting of a mix of at least six of the following: upper- and lower-case letters, numbers, and symbols.
A strong password should not be easily guessed by the typical user and should never correspond with any personal information. For example, a strong password should not be your name or other common words that can be found in an online dictionary. It also would not include your birth date or any additional personal information such as your address or phone number.
A strong password should be changed frequently to make it difficult for someone to crack it through guessing or brute force attacks on short passwords.
Intrusion detection is the process of detecting unwanted or unauthorized access to a computer.
The intrusion detection system may try to identify an attack by comparing the system state against a “known good” baseline. If there is a significant deviation, then the IDS may collect logs and create alerts to be investigated.
Intrusion prevention is an active countermeasure where possible violations are blocked, denied, or otherwise mitigated to prevent damage to computer systems and data.
Network access control is a system that limits the network resources that a given user can access. The system is designed to allow users to use their own schemas without affecting other people.
The network access control system will typically identify a user by their username and password, which it uses to assign them to a group. When the username and password are entered correctly, the system permits the user to log in and use their assigned group’s schema for accessing resources on the network. If they enter an incorrect username or password, they are denied login privileges.
An air gap is a security measure that isolates two networks from each other, and it’s an important safeguard for protecting data from external threats. An air gap can be anything from a large physical distance between systems to the use of an offline computer or devices that are not connected to any network. An air gap can work as a buffer zone between two networks or systems so that malware cannot pass from one system to another without passing through additional defenses first.