In the physical world, an aurora is beautiful scenery. In the cyber world, the Aurora vulnerability refers to a cyber attack that results in damage to physical components (the generator) in the electric grid.
When a threat actor is able to reach the control network, repeatedly sending commands to rapidly open and close a generator’s circuit breakers out of phase will cause it to explode.
For such a critical asset, with severe consequences when it fails, the necessary cybersecurity controls shall include, but are not limited to, these measures:
- Incorporate security at design stage
- Isolate automation components from external connections
- Zone components within control system network
- Apply least privilege principle
- Control physical access to critical asset
- Conduct regular cyber maintenance (protection updates)
- Validate incident detection and response readiness
- Equip support personnel with the necessary skill set
- Execute periodic assessment for assurance
- Refresh end-of-life components
- Manage insider threat
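
To make the incident detection measure concrete, the following added example (not part of the original post) flags the rapid open/close breaker command pattern described above in a log of control commands. The event format, host and breaker names, and thresholds are assumptions made for illustration, and the sample events are constructed.

```python
from collections import defaultdict, deque

# Assumed thresholds (not from the article): tune to the site's normal switching.
WINDOW_SECONDS = 1.0   # sliding window length
MAX_TOGGLES = 3        # state changes tolerated per breaker inside the window

# Constructed sample events: (timestamp_seconds, source_host, breaker_id, command)
SAMPLE_EVENTS = [
    (0.00, "hmi-01", "GEN1-CB", "OPEN"),        # routine switching, far apart
    (45.00, "hmi-01", "GEN1-CB", "CLOSE"),
    (100.00, "eng-ws-07", "GEN2-CB", "OPEN"),   # burst of alternating commands
    (100.15, "eng-ws-07", "GEN2-CB", "CLOSE"),
    (100.30, "eng-ws-07", "GEN2-CB", "OPEN"),
    (100.45, "eng-ws-07", "GEN2-CB", "CLOSE"),
    (100.60, "eng-ws-07", "GEN2-CB", "OPEN"),
]


def detect_rapid_toggling(events, window=WINDOW_SECONDS, max_toggles=MAX_TOGGLES):
    """Return one alert per breaker whose commanded state changes more than
    max_toggles times within any window of `window` seconds."""
    last_cmd = {}                    # breaker -> last commanded state
    recent = defaultdict(deque)      # breaker -> timestamps of recent state changes
    alerted = set()
    alerts = []
    for ts, src, breaker, cmd in sorted(events):
        if last_cmd.get(breaker) == cmd:
            continue                 # a repeated identical command is not a toggle
        last_cmd[breaker] = cmd
        q = recent[breaker]
        q.append(ts)
        while ts - q[0] > window:    # drop state changes older than the window
            q.popleft()
        if len(q) > max_toggles and breaker not in alerted:
            alerted.add(breaker)
            alerts.append({"breaker": breaker, "source": src,
                           "time": ts, "toggles": len(q)})
    return alerts


if __name__ == "__main__":
    for alert in detect_rapid_toggling(SAMPLE_EVENTS):
        print(alert)
```
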