Evaluating the Security Posture and Protection of Critical Assets of Industrial Control Systems in Zambia

Authors

  • Lukumba Phiri, School of Engineering, University of Zambia, Lusaka, Zambia
  • Simon Tembo, School of Engineering, University of Zambia, Lusaka, Zambia

DOI:

https://doi.org/10.31695/IJASRE.2022.8.5.1

Keywords:

Industrial Control Systems, ICS, SCADA, Operational Technology, CPS, Cyber Security

Abstract

The number of successful attacks on vital infrastructure has increased, as has the sophistication of those attacks. Many cybersecurity strategies include traditional best practices but frequently overlook organizational circumstances and the unique protection requirements of critical infrastructure. The goal of this qualitative multiple-case study was to examine the cybersecurity tactics employed by IT managers and compliance officers to protect critical infrastructure from cyber threats. The participants were IT managers and compliance officers from four Zambian case organizations. The conceptual framework was based on the routine activity theory published by criminologists Cohen and Felson in 1979. Data were gathered from interviews with two IT managers and three compliance officers and from 25 papers relating to cybersecurity and policy governance. Four significant themes emerged from data triangulation: the need for a robust worker training program, prioritizing infrastructure resiliency, the importance of security awareness, and the importance of organizational leadership support and investment. This research uncovered essential tactics that can help OT and compliance professionals enhance their cybersecurity strategy, which in turn can help reduce successful attacks on critical infrastructure. The study findings will contribute to positive social change through an exploration and contextual analysis of cybersecurity strategy with situational awareness of OT practices to enhance cyber threat mitigation and inform business processes.

How to Cite

Phiri, L., & Simon Tembo. (2022). Evaluating the Security Posture and Protection of Critical Assets of Industrial Control Systems in Zambia. International Journal of Advances in Scientific Research and Engineering (IJASRE), ISSN:2454-8006, DOI: 10.31695/IJASRE, 8(5), 1–22. https://doi.org/10.31695/IJASRE.2022.8.5.1
