Design World

What’s the security risk for industrial networks?

By Leslie Langnau | December 15, 2017

According to a cyber security study, many industrial networks are connected to the internet and rife with vulnerabilities, including legacy Windows boxes, plain-text passwords, and a lack of anti-virus protection.

CyberX, the industrial cybersecurity company safeguarding ICS infrastructures worldwide, announced its findings in its “Global ICS & IIoT Risk Report,” a comprehensive review of the current state of Operational Technology (OT) security. Operational Technology networks are used with specialized Industrial Control Systems (ICS) to monitor and control physical processes such as assembly lines, mixing tanks, and blast furnaces.

The data clearly show that OT networks are ripe targets for those whose motives range from criminal intent to operational disruption and even threats to human and environmental safety. Many are exposed to the public internet and easy to traverse using simple vulnerabilities like plain-text passwords. Lack of even basic protections like anti-virus can enable attackers to quietly perform reconnaissance before sabotaging physical processes.

As a result, once attackers get into an OT network — either through the internet or by using stolen credentials to pivot from corporate IT systems to OT networks — it’s relatively easy for them to move around and compromise industrial devices. According to a new US-CERT advisory citing analysis by the DHS and FBI, threat actors are currently engaged in APT attacks that use spear phishing to steal credentials from ICS personnel.

Although industry experts have been warning for years that OT networks are vulnerable — missing many of the built-in controls found in IT networks like automated updates and strong authentication — this is the first time there is real-world data to objectively evaluate the risk.

“The risk to OT networks is real — and it’s dangerous and perhaps even negligent for business leaders to ignore it,” said Michael Assante, ICS/SCADA Lead for the SANS Institute.

To obtain this data, CyberX analyzed production traffic from 375 representative OT networks worldwide across all sectors — including energy and utilities, manufacturing, pharmaceuticals, chemicals, and oil and gas — using its proprietary Network Traffic Analysis (NTA) algorithms. Similar to the methodology used for the Verizon Data Breach Investigations Report (DBIR), the analysis was performed on an anonymized and aggregated set of metadata with all identifying information removed. Rigorous attention was paid to preserving the confidentiality of sensitive customer information.

Some of the eye-opening conclusions include:

Forget the myth of the air-gap: One-third of industrial sites are connected to the internet — making them accessible by hackers and malware exploiting vulnerabilities and misconfigurations. This also explodes the myth that OT networks don’t need to be monitored or patched because they’re isolated from the internet with “air-gaps.”

Unpatchable Windows boxes: More than 3 out of 4 sites have obsolete Windows systems like Windows XP and 2000. Since Microsoft no longer provides regular security patches for these end-of-life systems (the emergency out-of-band fix for the SMB flaw exploited by WannaCry was a rare exception), they can easily be compromised by destructive malware such as WannaCry/NotPetya, Trojans such as BlackEnergy, and new forms of ransomware.

Weak authentication: Nearly 3 out of 5 sites have plain-text passwords traversing their control networks, which can be sniffed by attackers performing cyber-reconnaissance and then used to compromise critical industrial devices.

No anti-virus protection: Half of the sites don’t have any AV protection whatsoever, increasing the risk of silent malware infections.

Rogue devices and wireless access: Nearly half have at least one unknown or rogue device, and 20% have wireless access points (WAPs), both of which can be used as entry points by attackers. WAPs can be compromised through misconfigured settings or the recently disclosed KRACK (Key Reinstallation Attack) vulnerability in WPA2, for example.

Remote control: 82% of industrial sites are running remote management protocols like RDP, VNC, and SSH. Once attackers have compromised an OT network, this makes it easier to learn how the equipment is configured and eventually manipulate it.
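The three findings above (plain-text passwords, rogue devices, remote management protocols) are all things a passive network traffic analysis can surface without touching the control equipment. The following is an added example, not CyberX’s proprietary NTA algorithms or any code from the report: a small passive inspector run over constructed packet records (the hosts, the asset inventory, and the payloads are all made up for the example). It decodes FTP and HTTP Basic logins sent in the clear, flags Telnet sessions, inventories RDP/VNC/SSH use, and lists any address the asset inventory does not know. Passwords are reported redacted, so the monitoring tool does not become a second copy of the secret.

```python
import base64
import re

# Constructed sample traffic records (src_ip, dst_ip, dst_port, payload).
# Hosts and payloads are made up for this example; they are not captured data.
HMI, ENG, FTP_SERVER, WEB_HMI, JUMP_HOST, PLC = (
    "10.1.20.5", "10.1.20.7", "10.1.20.50", "10.1.20.60", "10.1.20.80", "10.1.20.100",
)
ROGUE = "192.168.99.42"  # deliberately absent from the asset inventory

KNOWN_ASSETS = {HMI, ENG, FTP_SERVER, WEB_HMI, JUMP_HOST, PLC}

SAMPLE_PACKETS = [
    (ENG, FTP_SERVER, 21, b"USER operator\r\n"),
    (ENG, FTP_SERVER, 21, b"PASS plant2017\r\n"),
    (HMI, WEB_HMI, 80, b"GET /status HTTP/1.1\r\nHost: hmi\r\nAuthorization: Basic "
        + base64.b64encode(b"admin:admin") + b"\r\n\r\n"),
    (ENG, PLC, 23, b"engineer\r\n"),                        # Telnet console session
    (ROGUE, JUMP_HOST, 3389, b"\x03\x00\x00\x13\x0e\xe0"),  # RDP: TPKT + X.224 connect request
    (ENG, JUMP_HOST, 5900, b"RFB 003.008\n"),               # VNC protocol version handshake
    (ENG, PLC, 22, b"SSH-2.0-OpenSSH_7.4\r\n"),
    (HMI, PLC, 502, bytes.fromhex("000100000006010300000001")),  # Modbus/TCP read
]

REMOTE_MANAGEMENT_PORTS = {22: "SSH", 3389: "RDP", 5900: "VNC"}
FTP_LOGIN = re.compile(rb"^(USER|PASS) (\S+)", re.IGNORECASE)
HTTP_BASIC = re.compile(rb"Authorization: Basic ([A-Za-z0-9+/=]+)", re.IGNORECASE)


def find_cleartext_credentials(packets):
    """Flag logins sent in the clear. Passwords are redacted to their length only."""
    findings = []
    for src, dst, port, payload in packets:
        if port == 21:
            m = FTP_LOGIN.match(payload)
            if m:
                is_user = m.group(1).upper() == b"USER"
                value = m.group(2).decode(errors="replace")
                findings.append({"protocol": "FTP", "src": src, "dst": dst,
                                 "field": "username" if is_user else "password",
                                 "value": value if is_user else "*" * len(value)})
        elif port == 80:
            m = HTTP_BASIC.search(payload)
            if m:
                try:
                    decoded = base64.b64decode(m.group(1), validate=True).decode(errors="replace")
                except ValueError:
                    continue  # garbage after "Basic"; nothing to report
                user, _, password = decoded.partition(":")
                findings.append({"protocol": "HTTP Basic", "src": src, "dst": dst,
                                 "field": "username", "value": user})
                findings.append({"protocol": "HTTP Basic", "src": src, "dst": dst,
                                 "field": "password", "value": "*" * len(password)})
        elif port == 23:
            # Telnet carries the whole session, keystroke by keystroke, unencrypted.
            findings.append({"protocol": "Telnet", "src": src, "dst": dst,
                             "field": "session", "value": "unencrypted login session"})
    return findings


def find_remote_management(packets):
    """Hosts accepting RDP, VNC or SSH inside the control network, and who reaches them."""
    seen = set()
    for src, dst, port, _ in packets:
        if port in REMOTE_MANAGEMENT_PORTS:
            seen.add((src, dst, REMOTE_MANAGEMENT_PORTS[port]))
    return sorted(seen)


def find_unknown_hosts(packets, inventory):
    """Any address talking on the OT network that the asset inventory does not list."""
    hosts = {ip for src, dst, _, _ in packets for ip in (src, dst)}
    return sorted(hosts - set(inventory))


def summarize(packets, inventory):
    return {
        "cleartext_credentials": find_cleartext_credentials(packets),
        "remote_management": find_remote_management(packets),
        "unknown_hosts": find_unknown_hosts(packets, inventory),
    }


if __name__ == "__main__":
    for key, items in summarize(SAMPLE_PACKETS, KNOWN_ASSETS).items():
        print(key)
        for item in items:
            print("  ", item)
```

In a real deployment the packet records would come from a SPAN port or network tap feeding a capture library, and the inventory from the site’s asset database; the matching logic stays the same. The point of the unknown-host check is that it needs no signatures: any address the plant cannot account for is worth a ticket on its own.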

“We don’t want to be cyber Cassandras — and this isn’t about creating FUD — but we think business leaders should have a realistic, data-driven view of the current risk and what can be done about it,” said Omer Schneider, CEO and co-founder of CyberX.

Added Nir Giller, CTO and co-founder of CyberX: “It was important for us to produce reliable, aggregated risk data and we’re hoping these results will serve as a wake-up call to the entire industry. The data is certainly consistent with what we’ve seen anecdotally in OT networks worldwide.”

Recommendations

What can be done? It’s unrealistic to expect asset owners to perform massive upgrades to their OT infrastructures in the short term, which would cost their industries billions of dollars. Nevertheless, there are a number of practical steps organizations can take today to mitigate OT risk, including:

–Providing security awareness training for plant personnel and enforcing strong corporate policies to eliminate risky behaviors like clicking links in emails, using USB drives and laptops to transfer files to OT systems, and dual-homing devices between IT and OT networks.

–Top-down organizational initiatives to break down barriers between IT and OT teams, such as temporarily assigning IT security personnel to OT organizations and vice-versa to understand the differences between IT and OT.

–Using compensating controls and multi-layered defenses — such as continuous monitoring with behavioral anomaly detection — to provide early warnings of attackers inside your OT network, and to mitigate critical vulnerabilities that might take years to fully remediate.

–Proactively addressing the most critical vulnerabilities with automated threat modeling.
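The "continuous monitoring with behavioral anomaly detection" recommended above works in OT because control traffic is highly repetitive: the same masters poll the same slaves with the same function codes all day. The following is an added example, not the report’s or any vendor’s product code, of the simplest form of that idea for Modbus/TCP. It parses the MBAP header and function code, learns the set of (master, slave, unit id, function code) combinations seen during a training window, and then alerts on anything outside that set, rating writes from a new source highest and malformed frames as hostile rather than ignoring them. All hosts and frames are constructed for the example.

```python
import struct

# Modbus function codes that change process state. A new source issuing one of
# these is the most consequential deviation from a learned baseline.
WRITE_FUNCTIONS = {
    5: "Write Single Coil", 6: "Write Single Register",
    15: "Write Multiple Coils", 16: "Write Multiple Registers",
    22: "Mask Write Register", 23: "Read/Write Multiple Registers",
}
READ_FUNCTIONS = {
    1: "Read Coils", 2: "Read Discrete Inputs",
    3: "Read Holding Registers", 4: "Read Input Registers",
}


def parse_modbus_tcp(frame):
    """Return (unit_id, function_code, data) from a Modbus/TCP request frame.
    The 7-byte MBAP header is: transaction id, protocol id (always 0), length, unit id."""
    if len(frame) < 8:
        raise ValueError("frame too short for MBAP header and function code")
    _transaction_id, protocol_id, length, unit_id = struct.unpack(">HHHB", frame[:7])
    if protocol_id != 0:
        raise ValueError("protocol identifier %d is not Modbus" % protocol_id)
    if length != len(frame) - 6:  # length counts the unit id plus the PDU
        raise ValueError("MBAP length %d disagrees with frame size %d" % (length, len(frame)))
    return unit_id, frame[7], frame[8:]


def build_modbus_tcp(transaction_id, unit_id, function_code, data):
    """Encode a request; used here only to construct the sample traffic below."""
    pdu = bytes([function_code]) + data
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id) + pdu


class ModbusBaseline:
    """Learns which (master, slave, unit id, function code) combinations are normal,
    then reports anything outside that set."""

    def __init__(self):
        self.allowed = set()

    def learn(self, flows):
        for src, dst, frame in flows:
            unit_id, function_code, _ = parse_modbus_tcp(frame)
            self.allowed.add((src, dst, unit_id, function_code))

    def detect(self, flows):
        alerts = []
        known_masters = {src for src, _, _, _ in self.allowed}
        for src, dst, frame in flows:
            try:
                unit_id, function_code, _ = parse_modbus_tcp(frame)
            except ValueError as exc:
                alerts.append({"severity": "high", "src": src, "dst": dst, "function_code": None,
                               "reason": "malformed Modbus/TCP frame: %s" % exc})
                continue
            if (src, dst, unit_id, function_code) in self.allowed:
                continue
            name = (WRITE_FUNCTIONS.get(function_code) or READ_FUNCTIONS.get(function_code)
                    or "function code %d" % function_code)
            if function_code in WRITE_FUNCTIONS:
                severity = "high"     # something new is changing the process
            elif src not in known_masters:
                severity = "medium"   # unknown host doing reconnaissance reads
            else:
                severity = "low"      # known master, new read pattern
            alerts.append({"severity": severity, "src": src, "dst": dst, "unit_id": unit_id,
                           "function_code": function_code,
                           "reason": "%s from %s to %s unit %d not in baseline" % (name, src, dst, unit_id)})
        return alerts


HMI, ENG, PLC, ROGUE = "10.1.20.5", "10.1.20.7", "10.1.20.100", "192.168.99.42"
READ_10_REGS = struct.pack(">HH", 0, 10)  # start address 0, quantity 10

# Constructed learning-period traffic: the HMI polls and writes setpoints,
# the engineering station only reads.
BASELINE_TRAFFIC = [
    (HMI, PLC, build_modbus_tcp(1, 1, 3, READ_10_REGS)),
    (HMI, PLC, build_modbus_tcp(2, 1, 16, struct.pack(">HHBH", 0x10, 1, 2, 1500))),
    (ENG, PLC, build_modbus_tcp(3, 1, 3, READ_10_REGS)),
]

# Constructed live traffic containing three deviations from that baseline.
LIVE_TRAFFIC = [
    (HMI, PLC, build_modbus_tcp(10, 1, 3, READ_10_REGS)),                         # normal
    (ENG, PLC, build_modbus_tcp(11, 1, 6, struct.pack(">HH", 0x10, 0))),          # known host, new write
    (ROGUE, PLC, build_modbus_tcp(12, 1, 3, READ_10_REGS)),                       # unknown host reading
    (HMI, PLC, build_modbus_tcp(13, 1, 16, struct.pack(">HHBH", 0x10, 1, 2, 1500))),  # normal
    (ROGUE, PLC, b"\x00\x0e\x00\x01\x00\x06\x01\x03"),                             # protocol id 1: not Modbus
]


def run_example():
    baseline = ModbusBaseline()
    baseline.learn(BASELINE_TRAFFIC)
    return baseline.detect(LIVE_TRAFFIC)


if __name__ == "__main__":
    for alert in run_example():
        print(alert["severity"].upper(), alert["reason"])
```

The value of this kind of compensating control is that it needs no patch on the PLC and no signature for the attacker’s tooling: the engineering station issuing a write it has never issued before is suspicious regardless of which malware or which hands-on-keyboard operator is behind it. The training window has to be long enough to cover maintenance and shift-change behaviour, or those will surface as false positives when they first recur.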

SANS refers to this multi-layered approach as “Active Cyber Defense” — using security operations to continuously identify and counter threats. According to SANS, the Active Cyber Defense Cycle consists of four phases that continuously feed each other: asset identification and network security monitoring; incident response; threat and environment manipulation (e.g., addressing vulnerabilities); and threat intelligence consumption.

The increased visibility, intelligence, and proactive actions defined by this approach enable organizations to significantly reduce risk to their vulnerable OT networks and move beyond the limitations of perimeter security, which is no longer sufficient to protect against new threats such as targeted attacks, sophisticated malware, and insider threats.

CyberX
CyberX-Labs.com


Filed Under: Design World articles, Cybersecurity, IoT • IIoT • internet of things • Industry 4.0
Tagged With: cyberx