Japan ICS

More information from Japan.

As mentioned earlier this week, the Japanese Ministry of Economics, Trade and Industry (METI) has stepped up efforts on ICS security. The trigger was a malware infection spread by email of Mitsubishi Heavy Industries reported in 2011.

While the attack did not target or reach ICS, it got METI’s attention. They have formed J-CSIP (Japan Cyber Security Information sharing Partnership) in response. J-CSIP includes nine critical infrastructure/heavy industry companies as well as industry organizations that are helping facilitate the information sharing. They are beginning with sharing information about targeted email attacks.

Like JPCERT, the Information Protection Agency (IPA) also had an ICS security conference in February with approximately 300 attendees with Marty Edwards of DHS in attendance. IPA is active in the METI ICS Security Task Force and is leading the Standardization and the Evaluation and Certification Scheme Working Groups. The Task Force is also looking at a SCADA Test Bed similar to what the US has developed in the National Labs.

Given the strong automotive industry in Japan, it is not a surprise that IPA is also doing a survey of vehicle security. They are looking at intra and inter vehicle communications. The little bit I saw on this looked promising, and I hope to have follow up articles on this study. For example they are coming up with attack categories, such as disable the brakes, and then developing a matrix with attack related issues such as access vector (proximity, carry-on device, WAN), attack complexity, … and finally developing a CVSS score.

The Yomiuri Shimbun and NHK have taken a liking to the SCADA security story. There was a major article on Feb 29th in the English and Japanese versions of the Yomiuri Shimbun, and they have follow up stories in the works. The current slant is very “hacker”, but hopefully they will eventually focus on the security deficiencies.

Image by ryoki