Jack O'Sullivan
March 22 2021
Stuxnet was the first in a wave of sophisticated, targeted attacks on ICS, focusing solely on hampering the nuclear enrichment capabilities of Iran. This was quickly followed by others such as Havex and Industroyer. Whatever the motivation of these attacks, it showed the world that an ICS attack was not only possible but was now a prized target.
This worry continues to grow, but is action being taken? We take a look at the stats.
Is concern translating into action?
Data breaches are big news and with every news report comes increasing awareness of the threat. When it comes to ICS the consequences of an attack can be far more serious than just the loss of data, there’s a physical impact and lives are potentially at risk. Organisations running critical systems should be expecting an attack and therefore be treating ICS security as critical.
It’s encouraging to see that companies are taking the threat seriously, but the question remains, is that concern turning into security action? Taking action to prevent potential attack is key and whilst measures may have been adopted the statistics show that these may have been poorly implemented, or not be robust enough to deal with the threat posed.
The increasing issue of connectivity
We live in an increasingly connected world and ICS is no different. What used to be isolated, air-gapped systems are now connected to various devices and networks. The Industrial Internet of Things (IIoT) continues to gather pace and whilst these have brought many benefits, it has also left systems vulnerable to attack.
So, how has this happened?
The growth of ICS is a major factor. Over the years more devices have been added to networks and more third party connections have been introduced. Systems have become more complex and this can be hard to keep track of, especially when you consider personnel changes, changes in third party suppliers or even companies merging.
Having an up-to-date network map is key and understanding the connections of each device is a must. You may be surprised what devices are connected to your system and what’s connected to the wider world.
The vulnerability of these connected devices is also a major concern and the growing Industrial Internet of Things (IIoT) continues to worry many industry professionals. Just like home or office devices, security has been called into question and anything that is connected to an ICS environment needs be as secure as possible.
Out of date operating systems
The WannaCry attack of 2017 showed that ransomware can have a critical effect on operations. Whilst it wasn’t a targeted ICS attack, many organisations were locked out of their systems and many had to shut down manufacturing processes for fear of safety. The way in? Unpatched and outdated Windows operating systems.
ICS operating systems may appear to be running fine but they need to be patched to ensure that latest threats cannot get through. If this isn’t possible then they need to be isolated and secured.
Improving ICS security
As you can see, concerns about the safety of ICS are growing and the consequences of an attack on these key systems need to be taken extremely seriously. Whilst the threat is increasing, it appears that many organisations are failing to take the necessary precautions to protect their systems.
Whatever the obstacles, now is the time to start taking action. That’s why we’ve created our ICS Security Guide, to help organisations overcome the barriers that are stopping them and to give practical steps you can take to improve your ICS security posture.