SFI-NORCICS: An introduction to Work Package 2 - “Foundations“

In 2020-21 a number of successful attacks against industrial control systems (ICS/OT) caused significant disruption or would have endangered the population if operators had not responded in time [1]. Many of these attacks were technically unsophisticated and did not need to be very advanced as the combination of remote work requirements and imperfect baseline security.

At the same time nation states have continued to demonstrate that carefully orchestrated campaigns will easily penetrate defences, including by targeting security and monitoring systems, even to a point where multiple nation states crowd one another in their targeting [2].

As part of the NORCICS SFI, we study attack patterns against OT systems in order to be able to identify effective and efficient defences, but also to anticipate more advanced attacks -- whilst many OT systems pose low barriers to attackers, even more diligently secured environments can and will be targeted for industrial espionage, sabotage, and blackmail; some of these systems may have been successfully subverted long before, with the attacker effectively blinding any monitoring mechanisms already in place. Without a clear understanding of how an OT system is operating and interacting with its environment, such adversaries will be hard to detect.

You can find more information about our work at: https://www.ntnu.edu/norcics and also at our LinkedIn, Twitter, and YouTube channels.

 [1] https://rusi.org/commentary/us-water-plant-suffers-cyber-attack-through-front-door

 [2] https://www.bloomberg.com/news/articles/2021-03-09/microsoft-solarwinds-breaches-spark-two-front-war-on-hackers