ABSTRACT
October 21, 2016, is etched in the memory of security professionals and computer scientists as the Mirai Botnet attack. It was 1995 and the juggernauts of Internet business were rapidly gathering steam. At this time, businesses were just beginning to get on the Internet. A cheap toaster with poorly written software that’s exposed to computer networks or the Internet is not just an unreliable toast-making machine, but a ticking information security time bomb. Remote administration systems and interfaces of connected critical infrastructure such as power grids are juicy targets for highly skilled and resourced attackers. There is an assumption that security controls deployed in environments hosting such infrastructure are staffed with highly expert security management personnel paying great attention to detail—at least that’s the case in the leading tech countries of the world.
