Mirai Attack — Incident Summary and Recommendations
ASIS Council Leadership
November 4, 2016
In October 2016, a considerable portion of the United States and some parts of Europe were hit with massive distributed denial of service (DDoS) attacks. Hackers were able to effectively take down the internet by overloading the capacity of supporting providers. Their "army" was a multitude of smart devices (connected to the internet with default passwords) that had been infected with purpose-written malware. In response, ASIS Council Leadership released several resources to the public that are normally reserved for ASIS members:
» View the full summary and additional resources
ASIS Members-Only Access
(access to these materials requires ASIS International membership)
After the Data Breach
Seminar Session 2212, September 2016
- Richard Wright, CPP, Director of Global Security Operations, VDI, Inc.
- Bruce Blythe, Chairman, R3 Continuum
- Hart Brown, Vice President, Organizational Resilience, HUB International
- Rachelle Loyear, Director of Business Continuity Management, Charter Communications
After examining the business and personal costs of a data breach, the speakers describe a typical response from a legal and IT perspective, which includes auditing and investigating the scope of the breach, compliance initiatives, notifications, and credit monitoring. They conclude, however, that non-traditional responses must be a part of the solution. Using cases of recent breaches as examples, the speakers focus on three specifics:
- Human factors, including stakeholder outrage, employee concerns, organizational stability, and the four components of a good crisis leader: empathy, expertise, commitment, and transparency.
- Communications, including notifying affected audiences in a timely way without rushing to conclusions, using clear and transparent messaging, and accessing cyber insurance resources and services.
- Crisis response, including a coordinated crisis response team that identifies responsibilities and final authorities.
The goal is to prevent day-to-day incidents from becoming a full-blown crisis. Awareness is key: an informed user behaves responsibly and takes fewer risks.
Cyber Risks to IoT and Building Controls
Seminar Session 3213, September 2016
- Coleman Wolf, CPP, Security Lead, ESD Global, Inc.
- Rodney Thayer, Convergence Engineer, Smithee, Spelvin, Agnew & Plinge, Inc.
After a review of resource documents that address open protocols and IT-centric devices, the speakers focus on the drivers and underlying devices that pose IoT and business control system risks. A list of ten concerns includes the following:
- System infrastructure is often hidden and out of mind for users, who don’t realize that devices on their computers can be hacked and do something that they were not intended to do.
- Business control systems are moving toward greater complexity, more layering, and convergence.
- Accidental failures may degrade a system’s security, and hacking today is easier to do at low cost.
» View the associated handout for this seminar presentation
Butterworth-Heinemann; Elsevier, 2015
Author: George Loukas
Chapter 4: Cyber-Physical Attacks on Industrial Control Systems
Excerpt courtesy of Elsevier.
This comprehensive chapter begins with a review of threats to supervisory control and data acquisition (SCADA), programmable logic controllers (PLCs), and other systems used in critical infrastructures. The author asserts that these systems are matters of national security in most of the world. The chapter is separated into three sections:
- A discussion of the most common of these systems, SCADA, and associated threats.
- A real-world case study focusing on the Stuxnet attack against a uranium enrichment facility in Iran.
- An examination of the target of state-sponsored attacks, the electric grid, using the Aurora Generator Test as an example.
The chapter is peppered with informative illustrations. One, for example, shows three generations of SCADA, with a fourth that is only a vision of IoT trends; another replicates smart grid architecture with multiple sources of energy, power transmission, a distributed network, and multiple electricity consumers. The illustrations graphically show numerous points of vulnerability in each system.
Additional Seminar Session Excerpts
From the ASIS Seminar Archive
These curated CyberSecurity seminar sessions were first made available to members in early 2016:
Using Big Data
Big data is exploding on business networks, leaving many security practitioners wondering how to create a viable yet secure way to store but still access this vital information.
Preventing Data Breaches
Using a case study approach, Robert Eggebrecht, BEW Global, walks through the process his company employed to zero in on an insider who was responsible for the theft of $30,000 of intellectual property from his high-profile employer.
Evaluating a Provider’s Cloud Security
Companies are increasingly moving large amounts of confidential data to the cloud, often without the knowledge of corporate IT and security staff. These managers must play catch-up to ensure the viability of the cloud service provider’s security processes.
For More Information
(access to selected library materials may require ASIS membership)
ASIS Information Resources Center (IRC) Security Databases & Library Catalog
A comprehensive review of the many international, national, and local resources on cybercrime and cybersecurity has been compiled by the ASIS Information Resources Center (IRC). The PDF provides access to reports, essays, news, and opinions from thought leaders involved in creating policies and practices on such timely topics as the global state of information security, big data breaches, the global cost of cybercrime, best practices in data protection, and the Internet of Things. To access these resources, sign in to the ASIS website and type "Information Resources Center Cybercrime and Cybersecurity Information Sources" into the search box. You may also view the members-only CyberSecurity IRC Guide curated in early 2016.
Additional resources on these and related topics can be obtained from the IRC. Print items are available for use onsite in the IRC by ASIS International members.
Go to the library’s web pages to navigate to the Security Database & Library Catalog.
For more help and search suggestions, email questions to the librarian or fill out our contact form.
Past Relevant Security Spotlights
Previously, ASIS International published these Security Spotlights on issues relevant to CyberSecurity: