Driving back home, I asked myself, where will ransomware attacks takes us next? I then read this article on Ars Technica. It is chilling but not far fetched to imagine a whole national grid being taken hostage. In the security community we often argue whether there is a need to connect SCADA systems to the Internet but I am sure the issue at hand is far more complicated than that.
A good place to start on how to approach the task on securing the grid systems is to follow a good advice from the UK’s Center For Protection Of National Infrastructure. It details their protective security methodology. Of course, vendors ought to bring these systems up to speed with the modern world in term of security resilience.