ICS Security Conference 2020 Report -Part1-

On February 14, 2020, JPCERT/CC held ICS Security Conference 2020 at Asakusabashi Hulic Hall. This conference aims at improving security measures and best practices of ICS through sharing threat trend against ICS in Japan and the world as well as the latest security activities conducted in related industries and enterprises. 307 people participated in the event this year. This blog entry and the next one introduce the summary of the seven talks presented at the conference.

Opening Remarks

The conference started with the opening remarks by Dr. Ikuo Misumi, the Deputy Director-General for Cybersecurity and Information Technology at the Ministry of Economy, Trade and Industry. He first mentioned the rising awareness of ICS security in Saudi Arabia, where he visited recently, and then called for the need to consider comprehensive security measures which involve the measures against issues like service continuity and safety in the real world, in accordance with today’s ongoing integration of the cyber space and the physical space.

ICS Security Policy in Industrial Area

By Hiroaki Kamoda (Cybersecurity Division, Commerce and Information Policy Bureau, Ministry of Economy Trade and Industry)

Slides (Japanese only)

Dr. Kamoda introduced the trend of cyber attacks and METI’s initiatives in ICS security, particularly the Cyber/Physical Security Framework (CPSF), which was developed last year.

At the beginning, he mentioned that IPA spotted attacks against supply chain as one of the top ten information security threats that was most influential to the society in 2019. He discussed current cyber attacks against supply chain, which became more serious than before, introducing the real attacks in the past, such as the exploitation of the auto-update function on ASUS devices, the malicious code injected to OSS library, and other cases in which the influence of cyber attack extended further to ICS.

As a part of METI’s initiatives in cyber security, Dr. Kamoda introduced “Cyber/Physical Security Framework (CPSF),” which is designed for the security of supply chain in the coming cyber/physical integrated society. He argued that although this framework contains various measures comprehensively, it is important for each organization to understand their service and system and then select and utilize the measures needed in their particular case. In addition, he described the current state of each industrial area’s Task Force (TF), which promotes the refinement and implementation of the security measures based on the framework. He also introduced other resources such as cyber security management guideline for managers, the result of the investigations on SMEs’ security, and various activities for ICS capacity building.

The Present and the Future of ICS Security -Looking back the past year-

By Toshio Miyachi (Expert Advisor, ICSR Group, JPCERT/CC)

Slides (Japanese only)

Dr. Toshio Miyachi, an Expert Advisor at JPCERT/CC, discussed the trend of ICS security based on the related events in 2019.

Although no major incident occurred in 2019, Dr. Miyachi pointed out that it 10 years have passed since some of the historical events in ICS security, such as discovery of Stuxnet, the first malware created to target ICS, and the launch of SHODAN Web service. Cyber strategy in national defense is changing as well, and thus he argued that 2020 will be the turning point for ICS security.

Regarding the incident trend of ICS, he introduced some facts. The number of ICS incidents in the world is increasing rapidly, and the failure report in the power supply network in the U.S. formally mentioned “cyber incident” for the first time. He also introduced the cases of ransomware attack which became more serious than before as well as other cases in which malware infection caused the suspension of production process.

Regarding the vulnerability trend of ICS, he first mentioned that the number of published vulnerabilities is stable around 200 every year, and then he discussed the recent problems such as increasing vulnerabilities in medical devices, bi-polarization of ICS vendors’ response to vulnerabilities, and accumulated N-day vulnerabilities.

In the presentation, he also introduced the trend of ICS security certification system, Defense Advanced Research Projects Agency (DARPA)’s* black start exercise of power network, the trend of cyber insurance, newly released documents and tools, and other topics.

Protect Supply Chain! -Dream of Japanese Manufacturers-

By Hiroyuki Watanabe (Senior Vice President, NEC Platforms, Ltd.)

Download the slides/Contact the presenter (Japanese only):
NEC Platforms,Ltd. Website

Mr. Watanabe introduced NEC Platforms’ secure production process, management of its entire supply chain, and other security measures the company has been promoting.

In NEC Platforms, important data, which is necessary for their production and hence has to be managed properly, is defined as “Controlled Unclassified Information (CUI).” The company is dedicated to take full control of its supply, production, and logistics processes, while raising the standard of their management upon secure production process.

For the first step, the company deployed realistic measures that can easily be accepted by the workers on site, and then assessments were conducted to track the progress as well as collect other important data from the production site. Based on the results of the assessments, the company took necessary additional measures. Mr. Watanabe also mentioned that the company was developing CUI monitoring and assurance system for secure CUI management, in which blockchain technology is used. In addition, he mentioned the company’s activities for secure supply and logistics as a part of NEC Platforms’ management of the entire supply chain. At last, he also introduced an interest group whose aim is to achieve the perfected secure production process that also contributes to the Sustainable Development Goals.

In Closing

This article covered the first three presentations delivered in ICS Security Conference 2020. The next entry of JPCERT/CC Eyes will introduce the rest of the presentations.

- Miki Ikegami
(Translated by Takumi Nakano)