Industrial Control System Vulnerabilities Bring Critical Risk
A new report paints a grim picture of industrial control system (ICS) cyber security. According to the Claroty Biannual ICS Risk & Vulnerability Report, 365 ICS vulnerabilities were disclosed in the first half of 2020, 75 percent of which were rated as high or critical using the Common Vulnerability Scoring System (CVSS). These vulnerabilities were most prevalent in ICSs used in critical infrastructure, including the energy and critical manufacturing sectors.
More concerning, attackers could exploit more than 70 percent of the vulnerabilities remotely via Internet connections. More than 60 percent would allow for remote code execution, meaning the attackers could run any software with system-level privileges.
The report notes that greater awareness of ICS risk accounts for some of the increase in the number of disclosed vulnerabilities. However, security experts warn that critical infrastructure sectors aren’t doing enough to protect their ICSs and operational technology (OT) networks.
What is an Industrial Control System?
As the name implies, ICSs are used for the control, management and support of equipment and processes used in industry. Components include engineering workstations, programmable logic controllers (PLCs), supervisory control and data access (SCADA) systems, and the network devices that interconnect them. Many of these components have numerous vulnerabilities and weak security protocols.
That wasn’t much of a problem when ICSs and the OT network were isolated from the IT infrastructure and any sort of public network. Increasingly, however, organizations are connecting their OT networks to the Internet to enable remote access. While Internet connectivity plays an important role in the operation of today’s ICSs, it increases the risk that cybercriminals can exploit weaknesses in ICS components.
The Claroty report found that engineering workstations account for a majority of ICS vulnerabilities (57.7 percent). Because engineering workstations often connect to both the IT and OT networks, cybercriminals view them as valuable targets that can provide access to ICSs.
PLCs account for 26.9 percent of ICS vulnerabilities. Security researchers have reported that cybercriminals can commandeer PLCs via weak communications protocols, install malicious code and wreak havoc with industrial processes.
SCADA systems account for 11.5 percent of ICS vulnerabilities, which are often found in the human machine interface (HMI). Because SCADA systems collect data from throughout the ICS, cybercriminals attack these systems in order to steal data. SCADA vulnerabilities can also be exploited for remote code execution and denial of service attacks.
Vulnerabilities were most prevalent in ICSs used in critical infrastructure.
Securing the Industrial Control System (ICS) Environment
Despite increasing awareness of ICS threats, few organizations know how to go about closing these security holes. An ICS environment typically includes a large number of components that are integrated with mission-critical equipment and often spread over a wide geographic area. What’s more, SCADA systems connect to numerous sensors and other devices, creating a sizable attack surface.
The first step toward improving ICS security is to conduct a thorough assessment of the OT environment to determine which ICS components can be accessed from the outside. This should be accompanied by a review of disclosed vulnerabilities for those components. But don’t presume all weaknesses have been identified and disclosed. All avenues for connecting to the OT network and ICSs should be viewed as a vulnerability that must be addressed with robust security tools.
Global Data Systems has a long history serving customers in the energy, petrochemical, industrial and related sectors. Let us apply our years of experience and cutting-edge cybersecurity know-how to helping you secure your ICSs and OT network.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.