Professional Documents
Culture Documents
5 Common Vulnerabilities in Industrial Control Systems
5 Common Vulnerabilities in Industrial Control Systems
Systems
The use of Industrial Control Systems (ICS) stretches across a wide range of
critical infrastructure sectors, including energy, manufacturing, transport,
water and waste management. ICS traditionally were isolated systems to
control and manage industrial assets, machinery and systems. However, that
is changing as we enter the age of fourth industrial revolution or the Industry
4.0 era. Now as the information technologies (IT) and operational
technologies (OT) are converging into an integrated network for innumerable
benefits, vulnerabilities that come embedded into the ICS components have
much more exposure to the known and unknown cyber threats.
2) Unauthenticated Protocols
In industrial control systems, authentication protocols are used to transfer authentication
data between two entities so as to authenticate both the connecting entity and itself.
Authentication protocols are the single most important layer of protection for communication
with computer networks. When an industrial control system’s protocol lack authentication,
any computer or device connected to the network can input commands to change, alter or
manipulate the operations being controlled by the ICS. In the example of the German steel
mill hack mentioned earlier, unauthenticated protocols could very well have led to a similar
result and efforts should be made by industrial organizations to map out the remote access
points in their systems and look to provide and implement adequate security resources and
practices in order to decrease the risk posed by unauthenticated protocols.
LIKE THIS ARTICLE? SIGN UP FOR OUR NEWSLETTER!
As you are reading this article, we are working hands on with some of the leading technology companies around
their hardware partners. Together with these companies we are creating cutting edge solutions for IoT, NFV, A.
Edge for a variety of industries. Sign up now so we can share with you our insights on these topics, latest trends
our solutions.
Subscribe Now
Conclusion
There were 19 known vulnerabilities to industrial control systems in 2010, in 2015 that figure
has rose to 189. As yet, we can’t be sure how that number has changed over the past two
years, however, what we can be sure of is that the threats to ICS will continue to grow as
adversaries gain a more advanced knowledge of these systems as well as access to better
hacking equipment.
Our reliance on industrial control systems to drive the technologies that make our lives
better will only produce more and more of them. ICS component manufacturers will have to
keep up and quickly spot the vulnerabilities and resolve them. We may also see more
embedded security coming into the industrial control systems in future. Close collaboration
and continuous cross communication between critical infrastructure authorities, cyber
security software developers and the ICS hardware OEM´s will be required in order to beat
the tools of sophisticated attackers.
A robust ICS Cyber Security system stands between a chaos and a cyber attack, and since
all of the critical infrastructures relies on the ICS systems, it is therefore imperative on the
industries and relevant government bodies that comprehensive compliance procedures are
updated regularly to keep up with evolving threats.