As a follow-up to an earlier post concerning real (physical) damage from cyber-attacks, check out this post on Wired about damage done to a steel mill in Germany. Talk about scary… and it’s just going to get worse, I’m afraid. At least until people understand that infrastructure and control networks MUST be separated and secured from the Internet and other Internet-facing networks/systems. In the simplest form, you can tie the two networks together and remove the connecting cable… leave it unconnected, except when you need to perform patches, etc. And then, lock the connecting ports up in a box of some sort, and only the CIO and Admin have the keys. (I’m not kidding, folks.)
Yes, I know… this is a bit too simplistic and perhaps not viable in the real world. But we need to take this seriously. With the escalation of nation-state “cyberwar”, you will be seeing more examples of this over the next couple of years. I’m worried… are you?