US-CERT issued a significant alert on March 15 about Russian state-sponsored threat activity against critical infrastructure sectors, including energy, aviation, and critical manufacturing. The only clear path is to start relying on network data analytics, which is far less vulnerable than other security tools to tampering and erasure by attackers.

ICSs have always presented notoriously difficult security challenges because microcode is often embedded within proprietary hardware or aging computer platforms that are difficult or impossible to monitor and secure. An entire industry has sprung up to try to address this problem, involving network segmentation and secure overlay networks that require no instrumentation on the ICS assets.

