Cyberattacks on Industrial Control Systems Continue Unabated
Increasing Threats to Industrial Control Systems
A recent report from Nozomi Networks reveals that cyber threat actors are continuing to exploit vulnerabilities within Internet of Things (IoT) and operational technology (OT) devices, despite efforts to enhance industrial control system (ICS) cybersecurity. The research, which analyzed public IoT/OT cyber incidents over the past six months, found that various threat actors, including ransomware and DDoS attackers, have launched a significant number of cyberattacks against ICS systems. Notably, the manufacturing, water treatment, food and agriculture, and chemical sectors have been the most frequent targets in early 2023.
Nozomi Networks recorded an average of 813 unique cyberattacks daily on its honeypots in the first six months of this year, with a peak of 1,342 attacks on May 1. Another study, conducted by SynSaber and downloaded by Dark Reading, also provides insights into the factors contributing to the surge in nefarious activity against ICS networks. Although the overall number of ICS Common Vulnerabilities and Exposures (CVEs) reported in the first half of 2023 has decreased by 1.6% compared to 2022, 34% of the reported CVEs had no patch or remediation available, reflecting a 13% increase over the same period last year.
Challenges and Roadblocks in ICS Patching
The delay in patching supervisory control and data acquisition (SCADA) and ICS systems can be attributed to various reasons, according to Melissa Bischoping, an endpoint security researcher with Tanium. She notes that system stability and uptime are often key priorities for operations, and because many patches require restarts, applying them could trigger a cascade of restarts that disrupts the production process. Given the cost and risk associated with this downtime, operators often choose to postpone patching.
Furthermore, the expense of upgrading ICS systems can serve as a deterrent to implementing patches. In some cases, interoperability and compatibility issues with other systems necessitate retrofitting or modernization of shared components before upgrades can occur. This retrofitting process can be costly, with upgrades potentially carrying a price tag of millions of dollars. However, delaying upgrades may mean accepting equal or greater risks of system failure or exploitation, placing industrial sectors in a challenging position.
Positive Developments in ICS Cybersecurity
Despite the difficulties faced in patching ICS systems, the findings indicate that cybersecurity efforts to protect these critical systems have yielded positive results. John Gallagher, Vice President at Viakoo Labs, asserts that research and data such as these show that line-of-business organizations, including manufacturing, facilities, and physical security, are starting to focus more on IoT/OT devices and their vulnerabilities.
Gallagher attributes this paradigm shift to the emergence of asset discovery, threat assessment, and vulnerability remediation solutions that specifically target IoT/OT systems. Additionally, increased attention to the threats posed by these systems from government agencies and boards of directors has contributed to the changing landscape of ICS cybersecurity.
Editorial: Strengthening Industrial Control System Security
The escalating cyberattacks on industrial control systems underscore the urgent need for stronger security measures and industry-wide collaboration. The ramifications of successful attacks on critical infrastructure are significant, ranging from potential disruptions to essential services and economic harm to compromising public safety.
The Importance of Timely Patching
Efforts must be made to expedite the patching process for supervisory control and data acquisition systems and ICS devices. While the challenges associated with system stability and cost must be acknowledged, it is crucial that operators prioritize the security of these systems. Coordination between IT and operational teams is essential to strike a balance between maintaining uptime and addressing vulnerabilities.
Investment in Upgrades and Retrofits
The high cost of upgrading ICS systems often acts as a hurdle to implementing necessary security measures. However, it is imperative for organizations to allocate resources for the upgrades and retrofits needed to improve the security posture of their networks. Developing interoperable systems and standardizing shared components can help mitigate the financial burden associated with upgrades.
Collaboration and Industry-wide Initiatives
To effectively combat the rising threats to industrial control systems, public and private sector entities should collaborate and share information regarding vulnerabilities, patches, and cyberattack trends. The sharing of best practices, threat intelligence, and lessons learned can enhance the collective cybersecurity resilience of critical infrastructure.
Government Intervention and Regulations
Government agencies have a vital role in driving the implementation of robust cybersecurity measures. Regulatory frameworks can establish minimum security standards and incentivize organizations to prioritize the protection of industrial control systems. Public-private partnerships, such as information-sharing programs and joint exercises, can facilitate knowledge exchange and foster a proactive cybersecurity ecosystem.
Conclusion
The persistence of cyberattacks against industrial control systems necessitates a multi-faceted approach to address vulnerabilities and enhance security measures. In a rapidly evolving threat landscape, patching efforts should be expedited, despite the challenges posed by system stability and cost considerations. Investments in system upgrades and retrofits are crucial to reinforce the security posture of ICS networks. Collaboration between stakeholders, industry-wide initiatives, and government intervention are essential to ensure the resilience of critical infrastructure in the face of escalating cyber threats.