1 min read

Cybersecurity Guidelines for U.S. High-Risk Chemical Facilities Are a Decade Old

Silviu STAHIE

May 19, 2020

Cybersecurity Guidelines for U.S. High-Risk Chemical Facilities Are a Decade Old

The US Government Accountability Office (GAO) has issued a report on the cybersecurity of the high-risk chemical facilities and found serious security issues as the guidance for policies and protection procedures hasn”t been updated in a decade.

The Department of Homeland Security (DHS) is responsible for monitoring all high-security installations, including high-risk chemical facilities. More precisely, oversight is provided by the Chemical Facility Anti-Terrorism Standards (CFATS) program within the DHS.

The latest GAO report found that the CFATS program is in charge of setting the policies for around 3,300 facilities, but the guidance issued by the program hasn”t been updated in 10 years, leaving all facilities open to current threats and technological advances.

“A successful cyberattack against chemical facilities” information and process control systems can disrupt or shut down operations and lead to serious consequences, such as health and safety risks, including substantial loss of life,” concludes the report.

“The chemical sector”s increasing reliance on these systems to more efficiently control and automate the production and use of hazardous chemicals combined with the rise in adversaries” efforts to manipulate and exploit vulnerabilities via evolving techniques, such as malware, and others, illustrate the importance of ensuring that high-risk chemical facilities are fully prepared to sustain and recover from these types of attacks.”

GAO made a series of recommendations to the DHS, which includes the revision of the old guidance, the implementation of cybersecurity measures at regular intervals and tracking their effectiveness, and more.

High-risk industries, such as power generation, chemical facilities, utilities, government and military, are regularly targeted by ransomware, APT groups and even state actors. It stands to reason that DHS would be directly interested in keeping these facilities as secure as possible.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read