Attack Recovery Mechanisms for ICS: Common Cyberattacks, Cryptographic Key Management, and Host-Based Mitigation Strategies
摘要
This chapter discusses ICS attack recovery strategies, which are essentially targeted through information, IT, operational technology (OT), and offensive cybersecurity. It describes standard recovery measures for cyberattacks, focusing on cyber resiliency, as well as the timeline of a cyberattack in the ICS vertical. The chapter explores lessons learned from recoveries of some attacks, including CRASHOVERRIDE, and also discusses ICS vulnerabilities and threats that also apply to embedded systems. It also includes risk management and prevention methods, network security, and best practices for ICS cyberdefense. Additionally, the chapter examines how Public Key Infrastructure (PKI) can be leveraged for improved security. This is the context that will allow readers to build resilient recovery techniques to protect their ICS environment from cyberattacks.