Water supply professionals and government planners have long been aware that urban water systems are a lucrative target for cyber adversaries. Water utilities are heavily using industrial control system (ICS) networks to control the physical processes essential to water treatment and distribution systems. Network isolation and segmentation are key protections that prevent unauthorized access to these SCADA/ICS systems and to keep hostile adversaries at bay.
Locked Shields is a unique international cyber defence exercise offering the most complex technical live-fire challenge in the world. In 2019, a water treatment facility was part of targeted critical infrastructure. This article describes how SensorFu Beacon, a continuous network leak detection solution, was successfully used by a defending blue team to continuously maintain isolation of water utilities SCADA/ICS network while facing skilled and motivated adversary.
In this whitepaper we discuss: