Computer vulnerabilities in manufacture and critical infrastructure cost people’s health and lives
The frequency and complexity of attacks on SCADA, ICS, and OT are increasing every year, and the trends are sad. Unlike the security of systems in other industries, in a nation’s manufacturing and critical infrastructure, the potential cost of overlooked vulnerabilities is not only information leaks or business interruptions, but also environmental issues, and even people’s health and lives.
With many years of experience in the development, implementation, and security of SCADA, industrial IT and OT, we offer the best service on the market. Discuss your concerns and problems with us.
The number of automated systems is growing. More and more organizations and individuals have direct or remote access to ICS. All this gives cybercriminals more options to plan and execute attacks.
The declining profitability of old types of attacks is forcing cybercriminals to seek new targets, including among industrial organizations. In parallel, the intelligence services of many countries are actively involved in the development of espionage techniques and cyber-terrorist attacks on industrial facilities.
Information security problems in industrial companies are relatively new, so the existing threats are underestimated. This negatively affects the decision-making and danger assessment by management.
Most professional industrial cybersecurity incident reports are difficult to understand and lack important details about OT systems. This situation increases the vulnerability of systems to real attacks.
Threats and vulnerabilities
There are only two reasons for any security incident: threats (external factors) and vulnerabilities (internal factors). Threats are difficult to influence. It is always better to focus on vulnerabilities, internal problems that may seem small, but when combined with threats, lead to large damage.
Some examples of vulnerabilities:
Unauthorized connections (temporary, debug, emergency, etc.) of industrial Ethernet networks to other factory or office networks expose industrial networks to the risk of external infections and hacker attacks.
Unreported or unauthorized connection of WiFi/GPRS/3G modems or routers to industrial switches breaks the security perimeter and creates uncontrolled points of penetration and leakage.
Engineers, electricians or mechanics, who have physical access to industrial computers, may perform inconsistent, incompetent, or unrecorded modifications of industrial software, which may lead to violations and incidents that are difficult to track and investigate.
PLCs use Profibus, Modbus, CAN, Profinet, or other buses to communicate with remote I/O and slave devices. These buses can often be used for PLC programming. In this way, an unauthorized user with access to the fieldbus could copy and/or modify the PLC program.
Excessive or disordered access by maintenance personnel or subcontractors to SCADA machines or PLCs leads to various risks of compromising the confidentiality, integrity, and availability of industrial systems.
Industry 4.0 and Industrial Internet of Things (IIoT) approaches require an Internet connection, which dramatically increases security risks.