Proceedings magazine is a communication tool for the Coast Guard's Marine Safety & Security Council. Each quarterly magazine focuses on a specific theme of interest to the marine industry.
Issue link: https://uscgproceedings.epubxp.com/i/436751
47 Winter 2014 – 2015 Proceedings www.uscg.mil/proceedings Endnotes: 1. ICS Security in Maritime Transportation: A White Paper Examining the Security and Resiliency of Critical Transportation Infrastructure, U.S. Department of Transporta- tion, July 2013. 2. Cyber Security for SCADA Systems, Thales Group, Autumn 2013. 3. Cai, N., Wang, J. and Yu, X. (2008). SCADA system security, p. 569. Bibliography: Henrie, M. "Cyber Security Risk Management in the SCADA Critical Infrastructure Environment." Engineering Management Journal, no. 25.2, June 2013. Stouffer, K., Joe Falco and Karen Scarfone. Guide to Industrial Control Systems Security, National Institute of Standards and Technology, NIST Special Publication, 800-82, rev. 1, May 2013. Hentea, M. "Improving Security for SCADA Control System." Interdisciplinary Jour nal of Information, Knowledge, and Management, vol. 3, 2008. Hart, D. An Approach to Vulnerability Assessment for Navy Supervisory Control and Data Acquisition (SCADA) Systems. Naval Postgraduate School, master thesis, 2004. Amanullah, M.T.O., A. Kalam and A. Zayegh. Network Security Vulnerabilities in SCADA and EMS. Transmission and Distribution Conference and Exhibition, Asia and Pacifc, 2005 IEEE/PES. Creery A. and E.J. Byres. Industrial Cybersecurity for Power System and SCADA Net works. Amaroso, Cyber Attacks, 62-63; Petroleum and Chemical Industry Confer- ence, 2005. Industry Applications Society 52nd Annual. Cai, N., Jidong Wang and Xinghou Yu. SCADA System Security: Complexity, History, and New Developments. Industrial Informatics, 2008 6th IEEE International Confer- ence on Industrial Informatics. Kramer, F.D., Stuart H. Starr and Larry K. Wentz. Cyberpower and National Security. Washington, D.C.: National Defense University Press, 2009, p. 128. ICS Security in Maritime Transportation. A White Paper Examining the Security and Resiliency of Critical Transportation Infrastructure. U.S. Department of Transportation, July 2013. National Institute of Standards and Technology. Guide to Industrial Control Systems Security, 26. Weiss, J. Protecting Industrial Control Systems from Electronic Threats. New York: Momentum Press, 2010, p. 44. National Strategy for Maritime Security. Washington, DC: The White House, National Maritime Domain Awareness Plan, December 2013. disable any unnecessary or unused network services. Finally, IT personnel must implement strong authentication for any systems used for maintenance or communications, whether they be wired, wireless, or modems, lest they be used as a "back door" to infltrate a SCADA network. Government Eforts The U.S. government is taking an aggressive approach to promote SCADA system cybersecurity in the nation's infra- structure, including the MTS. Department of Homeland Security (DHS) personnel created a control systems security program and a cybersecurity evaluation tool to help indus- try owners assess and improve their cybersecurity posture. DHS also provides onsite security consultation specifcally targeted at SCADA systems. Additionally, the U.S. Coast Guard is raising awareness regarding such resources for MTS owners and operators, and highly encourages MTS personnel to review and imple- ment recommendations made in the National Institute of Standards and Technology cybersecurity framework (see related article). Unfortunately, bad actors, ranging from criminals and terrorists to disgruntled employees, may wish to tamper with SCADA systems, and the means for them to do so are becoming more sophisticated. MTS leaders and the U.S. government must continue to take these threats seriously and enforce measures to enhance the cybersecurity of these crucial systems. About the author: LCDR Jennifer Konon is the chief of the Intelligence Division, U.S. Coast Guard Sector Delaware Bay. She is a 2002 graduate from the U.S. Coast Guard Academy, and holds a bachelor's degree in government and a master's degree in astronomy. She has served on the Commandant's Intelligence Plot and is currently a candidate for a master's degree in science and technology intelligence with a cyber concentration at the National Intelligence Univer sity.