Industrial control systems are the backbone for some of society’s most critical services — water, power and natural gas, to mention a few. A successful cyber attack on any of these systems could have severe economic, social and political ramifications.
Let’s look at some of the top challenges and threats facing ICSes today and examine how to keep these systems secure.
Many ICSes were designed decades ago when cybersecurity wasn’t a key consideration. Overlaying modern security on top of legacy architecture can be difficult. Likewise, the software ICSes run is often old and lacks many of the security features today’s software can accommodate, such as strong authentication, encryption and protection against web application attacks like cross-site scripting or SQL injection.
If security was not implemented when the ICS was installed — which is typically the case for most legacy systems — hardware and software visibility are missing. This makes monitoring and log management nearly, if not completely, impossible and hinders auditing capabilities.
Patching systems requires downtime. The systems being updated, however, often cannot be taken offline because they enable critical services. To compound the problem, many legacy ICSes don’t have automatic failover. For these reasons, many companies do not patch the systems. The result can be critical security holes that open the door to potential breaches.
ICSes and operational technology (OT) systems are typically managed and operated by an independent team separate from the IT organization. Once ICSes are upgraded, they require more IT expertise. IT/OT integration — merging ICSes with IT systems — requires reorganization, rethinking and more efficient exchange of information, all of which can create friction.
Investing in ICS security requires a strong business case. Unlike business investments, the cost and return of ICS security spending can’t be easily measured. Managers should use loss prevention — not ROI — as the standard for gauging the importance of ICS security funding.
Infecting ICSes with malware historically involved a physical threat, such as plugging an infected USB drive into the ICS. Connecting ICSes to the internet has expanded the threat of malware.
Like other systems, ICSes must be protected against malware and other cyber attacks. Triton and Stuxnet are two examples of malware that specifically targeted ICSes, though other everyday malware is just as threatening. Worms, Trojans, ransomware, wiper malware and other threats must be mitigated. Botnets and DDoS attacks are also common threats.
Because ICS visibility is limited, intrusions can go undetected for a long time. This makes it possible for bad actors to extract and exploit valuable information.
Unless ICS and IT systems are interconnected correctly and safely, attacks can spread laterally across both networks.
In this attack, malicious actors break into an ICS and activate the firmware update mode on a sensor or device. The firmware update is never done, however, and the hardware is put into a holding state. Attackers take advantage of this, as the device’s normal functions — for example, process monitoring — may be disabled, leaving the attacker free to infiltrate the device and system.
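One way to detect the holding state described above is to flag any device that enters firmware update mode and does not leave it within a maintenance window. This is an added example, not part of the original article; the log format, event names and the 15-minute window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events (hypothetical format): timestamp, device id, event.
SAMPLE_EVENTS = """\
2023-01-10T08:00:00 plc-07 FW_UPDATE_MODE_ENTER
2023-01-10T08:04:30 plc-07 FW_UPDATE_COMPLETE
2023-01-10T09:15:00 sensor-22 FW_UPDATE_MODE_ENTER
2023-01-10T09:20:00 rtu-03 FW_UPDATE_MODE_ENTER
2023-01-10T09:50:00 rtu-03 FW_UPDATE_MODE_EXIT
2023-01-10T10:00:00 hmi-01 HEARTBEAT
"""
ENTER = "FW_UPDATE_MODE_ENTER"                       # hypothetical event name
LEAVE = {"FW_UPDATE_COMPLETE", "FW_UPDATE_MODE_EXIT"}  # hypothetical event names

def find_stalled_updates(log_text, now, max_window=timedelta(minutes=15)):
    """Return (device, entered_at, duration, still_open) for every update-mode
    session that outlasted max_window or was never closed."""
    open_sessions = {}  # device -> time it entered update mode
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines rather than abort the scan
        stamp, device, event = parts
        try:
            ts = datetime.fromisoformat(stamp)
        except ValueError:
            continue
        if event == ENTER:
            # A repeated ENTER without a close keeps the earliest start time.
            open_sessions.setdefault(device, ts)
        elif event in LEAVE and device in open_sessions:
            started = open_sessions.pop(device)
            if ts - started > max_window:
                findings.append((device, started, ts - started, False))
    # Sessions that never closed: the device is still in the holding state.
    for device, started in open_sessions.items():
        if now - started > max_window:
            findings.append((device, started, now - started, True))
    return sorted(findings, key=lambda f: f[1])

if __name__ == "__main__":
    for dev, start, dur, still_open in find_stalled_updates(
            SAMPLE_EVENTS, now=datetime(2023, 1, 10, 10, 0)):
        state = "STILL IN UPDATE MODE" if still_open else "closed late"
        print(f"{dev}: entered {start}, {dur} in update mode ({state})")
```

Sessions that are still open deserve the most attention, since the device's monitoring functions may be disabled for as long as it stays in update mode.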
Attackers look up default or hardcoded usernames and passwords for manufactured devices and use those credentials to gain access to a company’s ICS network.
Take the following steps to prevent, detect and mitigate the aforementioned issues:
All Rights Reserved, Copyright 2000 – 2023, TechTarget