This book provides a template with step-by-step instructions on how to respond and recover when hackers get into your SCADA system and cause building equipment to act erratically or fail completely. When hackers shut off the water, turn off the building power, disable the sewage effluent pumps and activate the fire alarm, you have to do something quick. It is even more alarming that hackers can do all those things at the same time—even from the other side of the planet.
Not every equipment failure or power outage is a cyber-physical attack. When your building is attacked, you probably won’t suspect it was a hacker—until you see a pattern. The building control system (BCS) will act "squirrelly" and you will know—it really is a cyber-physical attack.
Once a cyber-physical attack occurs, it can mean years of court cases, job losses, higher insurance rates, and maybe even criminal litigation. It also takes years to overcome the loss of safety credibility to your employees and the local community. Cyber-Physical Attack Recovery Procedures provides a detailed guide to taking the right steps ahead of time, and equipping your facility and employees with the training, knowledge, and tools they need and may save lives.
The book contains:
- A one-of-a-kind action plan describing how hackers attack building equipment, the extent of damage possible, and how to respond when a cyber-physical attack occurs.
- Detailed descriptions of cyber-physical attacks directed against SCADA systems or building controls, as well as cyber booby traps
- Invaluable appendices, including: Emergency Procedures, Team Staffing and Tasking, Alternate Site Procedures, a Documentation List, Software and Hardware Inventories, Vendor Contact Lists, External Support Agreements, and much more.
What you’ll learn
- Possible ways hackers can cause building equipment to fail.
- How to quickly assess the threat to his facilities in real time, how to stop a cyber-physical attack.
- How to restore equipment operation without doing any more damage.
Who This Book Is ForArchitects, Engineers, Building Managers, Students, Researchers and Consultants interested in cybersecurity-attacks against facilities in the real world. Also for IT professionals getting involved in cybersecurity responsibilities.