Industrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems are critical components for the operation of industrial facilities and critical infrastructure. Successful cyberattacks could paralyze internal processes, cause financial losses and potentially lead to the loss of human lives.
Many organizations in critical infrastructure have deployed SCADA/ICS to automate the control of processes and data collection. These systems have become high-value targets for attackers looking to disrupt business operations.
Unfortunately, many ICS are not designed to be resilient to cyberattacks, and threat actors are targeting these systems with more intensity.
Most attacks against industrial networks are not complex. Threat actors can use different attack vectors, taking advantage of existing configuration flaws in industrial devices and in network segmentation, as well as OS vulnerabilities.
The majority of security experts involved in testing corporate information systems have revealed that these systems have insufficient perimeter protection against external attacks and that industrial networks are not properly isolated from corporate systems.
The Stuxnet Attack Legacy
Since the Stuxnet attack, many other incidents have involved ICS/SCADA systems, and security experts have discovered several threats specifically designed to compromise these families of devices, including Duqu/Flame/Gauss (2011), Shamoon (2012), Havex (2013), Dragonfly (2014), Black Energy (2015) and Triton (2017).
The above threats targeted systems used in nuclear plants, electric grids, dams, gas pipelines, water facilities and industrial environments. These events confirm that ICS/SCADA components are prime targets for both crooks and nation-state actors.
According to a Forrester study, 56% of organizations using SCADA/ICS reported a breach in the second half of 2018 through the first half of 2019. Only 11% indicate they have never been breached.
In many cases, attackers exploit vulnerabilities affecting industrial control systems (ICS). For this reason, it is interesting to ...
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Pierluigi Paganini. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/5bk2q-f8EWE/