Aperture Podcast: Patrick Miller on Critical Infrastructure in a Time of Conflict
By Michael Mimoso | Feb. 22, 2022
As geopolitical tensions grow, critical infrastructure owners and operators must be proactive about communication and response in the event kinetic conflict spills onto the Internet.
That’s the message veteran industrial cybersecurity expert Patrick Miller hopes to impart immediately to electric utilities and other critical infrastructure owners as Russia and Ukraine teeter on the brink of conflict.
In Episode 25 of Claroty’s Aperture podcast, Miller discusses the need for formalized communication plans and information-sharing activities if a nation-state adversary targets a U.S. provider. He wrote in a blog post that compromised utilities will be pulled in numerous directions in a crisis – starting with notifying numerous government agencies that there’s been an incident, handling questions from the media, and reassuring possibly frantic customers.
“Response is in their DNA. Standing up a response center like an incident command center (in the event of a natural disaster), you know how to set up communication paths to the governor or the National Guard,” Miller said of utilities. “What isn’t in their DNA is a lot of the additional overhead that comes from the other stuff, like three-letter agencies asking tough questions with difficult-to-obtain answers or regulatory deadlines you have to meet, or you will get penalized.”
The U.S. electric sector, Miller said, took careful notes on Russia’s 2015 attacks against portions of Ukraine’s power grid distribution and transmission systems that left more than 200,000 citizens without electricity. The attacks are extensively referenced inside utilities as a case study of how an adversary obtains utility-specific information and uses it to disrupt services, measure response, and fine-tune future aggressions.
“You finally had something to point at that says ‘This is not theoretical. This is now a reality,’” Miller said. “This is now table stakes.”
Download and subscribe to this episode to hear more about:
- The resilience of the U.S. grid
- Why it’s a mistake to dismiss network intrusions as mere capabilities demonstrations
- Miller’s experience in helping to develop the NERC CIP standard 20 years ago
- And the long-term future of the standard.