
Biggest threats to ICS/SCADA systems

Introduction

Imagine a scenario where two nations are at war. One nation has the capability to attack the other’s industrial infrastructure, like the electrical grid, oil and gas plants, water treatment plants, nuclear plants and so on. What would be the consequences if plant operations were controlled remotely and maliciously?

Industrial Control System (ICS)

ICS is used to control industrial processes such as manufacturing, production and distribution. It includes various components that work together to achieve an industrial objective. On a higher level, it is a part of Operational Technology (OT). Today, ICS is mostly used in energy, water, gas and oil, electricity and traffic control systems. 

Industrial Control Systems (ICS) consist of different types of control systems such as Supervisory Control and Data Acquisition (SCADA), Distributed Control Systems (DCS), Programmable Logic Controllers (PLC), Remote Terminal Units (RTU) and Intelligent Electronic Devices (IED).

ICS is becoming a prime target for cyberattacks. Security concerns increased after the Stuxnet attack on an Iranian uranium enrichment facility in 2010. Similarly, BlackEnergy malware was used against the Ukrainian power grid in 2015.

ICS lacks basic security practices. Let’s look at the major vulnerabilities and threats to ICS/SCADA.

ICS vulnerabilities

1. Exposure over the internet

Prior to the internet, ICS operation was confined to the plant. As operations grew, and to integrate with other platforms and make access easier, some companies have connected their ICS, or part of the ICS setup, to the internet. Insecure connections may give malicious parties backdoor access to the ICS environment.

External access is often provided to vendors for maintenance purposes. Systems used by the external vendor may threaten security, as they don’t adhere to the client company’s security policies. An insecurely configured VPN that does not restrict access may also lead to compromised systems.
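A defender's check for the two exposure paths described above, as an added example that is not part of the original post: it audits a firewall rule set for allow rules that reach the ICS zone from outside internal address space, and for vendor VPN rules that do not restrict access to one client, one host and one port. The zone range, VPN pool, rule format and rules are constructed assumptions.

```python
import ipaddress

# Constructed values: zone, VPN pool and rules are assumptions for illustration.
ICS_ZONE = ipaddress.ip_network("10.50.0.0/16")            # hypothetical control network
VENDOR_VPN_POOL = ipaddress.ip_network("172.16.200.0/24")  # hypothetical vendor VPN pool
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

RULES = [
    {"id": 1, "action": "allow", "src": "0.0.0.0/0", "dst": "10.50.1.10/32", "port": "443"},
    {"id": 2, "action": "allow", "src": "172.16.200.0/24", "dst": "10.50.0.0/16", "port": "any"},
    {"id": 3, "action": "allow", "src": "172.16.200.7/32", "dst": "10.50.3.20/32", "port": "22"},
    {"id": 4, "action": "allow", "src": "192.168.10.0/24", "dst": "192.168.20.0/24", "port": "any"},
    {"id": 5, "action": "deny", "src": "0.0.0.0/0", "dst": "10.50.0.0/16", "port": "any"},
]

def audit(rules, ics_zone=ICS_ZONE, vpn_pool=VENDOR_VPN_POOL):
    """Return (rule id, finding) pairs for allow rules that expose the ICS zone."""
    findings = []
    for rule in rules:
        if rule["action"] != "allow":
            continue
        src = ipaddress.ip_network(rule["src"])
        dst = ipaddress.ip_network(rule["dst"])
        if not dst.overlaps(ics_zone):
            continue  # rule never reaches the control network
        if not any(src.subnet_of(net) for net in RFC1918):
            # Source includes public address space: ICS exposed over the internet.
            findings.append((rule["id"], "ICS reachable from non-internal source"))
        elif src.overlaps(vpn_pool):
            # Vendor access should name one VPN client, one target host, one port.
            broad = [label for label, too_wide in (
                ("source is not a single VPN client", src.prefixlen < 32),
                ("destination is not a single host", dst.prefixlen < 32),
                ("all ports allowed", rule["port"] == "any"),
            ) if too_wide]
            if broad:
                findings.append((rule["id"],
                                 "vendor VPN access unrestricted: " + "; ".join(broad)))
    return findings

if __name__ == "__main__":
    for rule_id, finding in audit(RULES):
        print(f"rule {rule_id}: {finding}")
```

The audit looks at each allow rule in isolation and ignores rule ordering, so a finding should be confirmed against the firewall's actual evaluation order.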

2. Weak (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Satyam Singh. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/-ek6z52hqVI/