(SecurityWeek – Eduard Kovacs) – The U.S. House of Representatives on Monday passed a bill aimed at protecting industrial control systems (ICS), particularly ones used in critical infrastructure, against cyberattacks.
The legislation, H.R. 5733, formally known as the “DHS Industrial Control Systems Capabilities Enhancement Act,” was introduced on May 9 by Rep. Don Bacon (R-NE) and it was approved by the House Committee on Homeland Security on June 6. The bill was announced a few weeks after the United States officially accused Russia of attempting to take control of critical infrastructure systems.
The new bill amends the Homeland Security Act of 2002 and requires the DHS’s National Cybersecurity and Communications Integration Center (NCCIC) to identify and mitigate threats and risks to ICS technologies and products used in critical infrastructure organizations.
The bill also requires NCCIC to maintain cross-sector incident response capabilities for ICS-related events, and provide technical assistance to end-users, product manufacturers, and other stakeholders in identifying and mitigating vulnerabilities in industrial control systems.
The agency is also required to provide the ICS community information on vulnerabilities based on collaboration with security researchers, manufacturers and industry end-users. The DHS will have to brief Congress every six months over the next four years.
The Congressional Budget Office (CBO) estimates that enacting this piece of legislation would cost less than $500,000 over the 2019-2023 period due to the fact that NCCIC already provides assistance to critical infrastructure operators and control system vendors, and the bill would only codify the agency’s responsibilities without imposing any new operating requirements.
“The next ‘Pearl Harbor attack’ will not be with missiles and torpedoes alone, but will be paired with attacks to our private sector functions needed to support our daily lives, such as our electric grid,” said Rep. Bacon. “DHS provides critical support to operators of industrial control systems (ICS), and my bill clarifies this responsibility so the Department can continue to identify and address threats to ICS in critical infrastructure. Any disruption or damage to critical infrastructure has the potential to cause catastrophic consequences to our nation’s public health and safety, economic security, and national security.”
U.S. House Passes Bill to Enhance Industrial Cybersecurity
(SecurityWeek - Eduard Kovacs) - The U.S. House of Representatives on Monday passed a bill aimed at protecting industrial control systems (ICS), particularly ones used in critical infrastructure, against cyberattacks. The legislation, H.R. 5733, formally known as the “DHS Industrial Control Systems Capabilities Enhancement Act,” was introduced on May 9 by Rep. Don Bacon (R-NE) and it was approved by the House Committee on Homeland Security on June 6. The bill was announced a few weeks after the United States officially
Rockwell Patches Vulnerability Impacting Safety Controllers From Several Vendors
(Eduard Kovacs - SecurityWeek) - In April, at SecurityWeek’s ICS Cyber Security Conference in Singapore, industrial cybersecurity firm Applied Risk disclosed the details of a serious denial-of-service (DoS) vulnerability affecting safety controllers from several major vendors. Rockwell Automation is one of those vendors and the company has now released patches for its products. In an advisory published last week, Rockwell Automation informed customers that the flaw impacts Allen-Bradley CompactLogix 5370 and Compact GuardLogix 5370 programmable automation controllers, which are used to control processes
Triton ICS Malware Developers Likely Copied Code From Legitimate Libraries
(Eduard Kovacs - SecurityWeek) - The developers of Triton, a recently discovered piece of malware designed to target industrial control systems (ICS), reverse engineered a legitimate file in an effort to understand how the targeted devices work. Triton, also known as Trisis and HatMan, was discovered in August 2017 after a threat group linked by some to Iran used it against a critical infrastructure organization in the Middle East. The malware targets Schneider Electric’s Triconex Safety Instrumented System (SIS) controllers, which