Thursday, February 22, 2018

New Challenges in the Safety of Industrial Control Systems

The technological differences between IT systems and industrial process systems, which have traditionally been treated as completely different disciplines, are disappearing. We find ourselves in a new scenario where both worlds coexist, and where it is no longer enough to rely on the proprietary nature of such technologies. A security plan is needed to deal with the new threats that affect the systems on which a good part of the population's essential services rest.

Critical industrial processes (such as oil refineries, gas processing and transportation, water treatment plants, and power plants) and/or those requiring management across a high geographic dispersion are usually managed through networks and industrial control systems (ICS) such as DCS (distributed control systems) or SCADA (supervisory control and data acquisition).

Nowadays, these systems, on which most of the essential services of our society rest, are the target of attacks directed at, and specially designed against, these infrastructures.

Main Risks

There are several reasons why this increase in threats against industrial control systems is observed. Among others, the following could be mentioned:

  • Replacement of proprietary technologies with standard technologies. These technologies—such as operating systems (Microsoft Windows), TCP/IP network protocols, web browsers, and wireless technologies—bring benefits to businesses, but also risks. Traditional systems were closed systems, designed to be effective in functionality and reliability. The main concern then was physical security. At present, however, the increased connectivity possibilities have exposed these systems to new threats for which they are not prepared or designed.
  • Interconnection of systems. The use of these control networks is becoming more extensive, expanding and interconnecting in a massive way.
  • High availability. These systems have been in place for many years, even decades, and because of the service's high-availability requirement they cannot be updated or patched efficiently. This leaves them exposed to multiple old vulnerabilities that are, in many cases, easily exploitable.
  • Remote support. It is increasingly common for providers to deliver support remotely over phone links or Internet connections, which makes remote support another potential attack vector.
  • Commercial software and general purpose hardware. These are increasingly used in place of purpose-built components, and in some cases they do not fit the singularity, complexity, requirements, or security of these environments.

Protection Services and New Challenges

Testing should not focus on risk assessment and analysis of SCADA systems, DCS, and programmable logic controllers (PLCs); rather, an effort should be made to understand the facets of risk associated with such environments and to adopt an appropriate approach to managing them.

Based on this premise, a security strategy should be developed according to five key points:

  • Adapting technology and focusing on the environment: The methodology and procedures used must adapt to the demands of industrial environments. This implies the use of new tools and training in the different technologies that orbit around them.
  • Prioritization of the safe approach: Minimize the possible risks during the audit work, while prioritizing the availability of the assets involved in the tests performed.
  • Comprehensive vulnerability management: The aim is to provide proactive support that includes a customized solution for each case, as well as the management of vulnerabilities over time.
  • Discarding bad security practices: The concept of security auditing should be broadened to focus on new issues that affect SCADA environments and are not usually taken into account. This includes physical security, security policy management, system hardening, and even testing in the field of personal security, using social engineering techniques.
  • Real solutions for real environments: All tests should have as a common link the presentation of a realistic and affordable improvement plan that best fits the customer’s needs while solving the problems detected in the audit phase.

About InnoTec

InnoTec is a wholly-owned subsidiary of Entelgy Group specializing in cybersecurity, intelligence, and risk management. Founded in 2002, we employ over 350 highly qualified professionals worldwide who provide best-in-class security services backed by our Advanced Security Operations Center (SmartSOC). Our experience and deep commitment are endorsed by over 250 clients, including major public organizations and top companies in Spain and the countries where we operate. We are technologically independent and our security solutions have been designed with an integrated approach to protect all your organization's assets. Specific needs of every business area are identified to provide flexible services that suit them.
