Why are industrial control systems easy targets for adversaries?


A CyberX report has found that industrial control systems continue to be "soft targets" for adversaries. Indeed, the 2019 Global ICS & IIoT Risk Report suggests that a multitude of security gaps still exist in a number of key areas.

The state of industrial control systems

Over the past year, the report captured traffic from more than 850 production ICS and SCADA networks, across six continents and all industrial sectors. This included energy and utilities, manufacturing, pharmaceuticals, chemicals, and oil & gas.

Above all, the data clearly shows that industrial control systems continue to be "soft targets" for adversaries. In fact, 69% of sites had plain-text passwords traversing their industrial control systems network.

Meanwhile, many sites had a distinct lack of basic protections in place. 57% did not run anti-virus protections that update signatures automatically, while 40% had at least one direct connection to the public internet.

16% also had at least one Wireless Access Point (WAP), despite the fact that misconfigured WAPs increase the attack surface. 84% of industrial sites had at least one remotely accessible device, which makes it easier for attackers with stolen credentials to learn how to configure and manipulate equipment.

Securing industrial control systems

In order to secure these systems, ruthless prioritisation is apparently integral. While a multitude of problems exist within this environment, it is essentially impossible to tackle all issues at once.

Instead, CyberX recommends that organisations adopt a series of eight steps to protect their most essential assets and processes. For example, implementing continuous ICS network monitoring allows users to immediately identify attempts to exploit unpatched systems — before attackers can do any damage.

Automated threat modelling also allows organisations to prioritise mitigating the highest-consequence attack vectors. In addition to this, compensating controls such as granular segmentation between different layers of OT networks is incredibly effective.

Overall, industrial networks contain a "complex, heterogeneous mix of specialised OT protocols" and thus require purpose-built cybersecurity. In order find out how to fully secure your network, download the 2019 risk report.

How can advanced AI transform cybersecurity at a rapid pace? Check out our podcast with industry experts in order to find out