"In a rare public warning to the power and utility industry, a CIA analyst last week said that cyberattackers have hacked into the computer systems of utility companies outside the United States and made demands, in at least one case causing a power outage that affected multiple cities.
"We do not know who executed these attacks or why, but all involved intrusions through the Internet," Tom Donahue, the CIA's top cybersecurity analyst, said Wednesday at a trade conference in New Orleans... "
Our Tivoli Industry Solutions architecture team for the Intelligent Utility takes this kind of news seriously.
The Tivoli Security framework provide a comprehensive protection against isolating control networks in industrial environments such as power generating stations, water treatment plants and gas industries. Starting with operating systems, Tivoli products such as Tivoli Access Manager for Operating Systems provide a layer of authorization policy enforcement in addition to that provided by the UNIX(R) and Linux(R) operating systems. An administrator defines additional authorization policy by applying fine-grained access controls that restrict or permit access to key system resources. Controls are based on user identity, group membership, the type of operation, the time of day or the day of the week, and the accessing application.
User identity management and provisioning entitlements are managed through a robust role based access control product called Tivoli Identity Manager. Identities are vetted with a stringent process using a Trusted Identity framework to provide identity-proofing before enrolling contract laborers. Web applications managing utility controls can be finely tuned to adhere to strict separation of duties and role and rule-based access control policies. Tivoli's Federated Identity Manager establishes a circle-of-trust to ensure only the most stringently vetted identities from outside the utility company can come in through the IP networks to access secure resources such as switchgear control switching centers and equipment. To complement these enforcement products, Tivoli provides a range of audit and compliance management products such as Tivoli Security Operations Manager and Tivoli Compliance Insight Manager to track operational activity, correlate events generated by the security infrastructure as well as perform compliance monitoring analysis on privileged user activity.
Together, Tivoli's products reduce the risk of unauthorized entry into the utilities control networks.