Industrial control systems (ICS) are specific kinds of assets and associated instrumentation that help to oversee industrial processes. According to the National Institute of Standards and Technology, there are three common types of ICS. These are supervisory control and data acquisition (SCADA) systems, which help organizations to control dispersed assets; distributed control systems (DCS), which control production systems in a local area; and programmable logic controllers (PLCs), which enable discrete control of applications using regulatory control.

In this capacity, industrial control systems are essential to the operation of critical national infrastructure (CNI) such as transportation networks, water treatment plants, and power grids. The U.S. Department of Homeland Security (DHS) describes CNI as “physical and cyber systems and assets that are so vital to the United States that their incapacity or destruction would have a debilitating impact on our physical or economic security or public health or safety.” As such, CNI helps to support the overall functioning of American society.

Why Are Attackers Targeting Them?

A contributor to the State of Security wrote the following back in 2016: “If these ICS devices were to be compromised, regular service could be disrupted, proprietary data could be lost, and significant harm could occur.”

This statement raises the question: Why would someone want to disrupt ICS? Some malicious actors could use the threat of an ICS disruption as a means of extorting an industrial organization. Those attackers might do so in the belief that the victim will be more inclined to pay (and quickly) to avoid adversely affecting a nation’s security or public health.

Take the Colonial Pipeline attack as an example. Back at the beginning of May, the Colonial Pipeline Company announced on its website that it had taken several systems offline to “contain the threat” posed by ...