We rely on industrial control systems to sustain our lives; from utilities to manufacturing, to distribution, to water management. In the past decade, the connectivity level of industrial control systems has increased. In parallel with these digital transformations, ensuring the safety and integrity of these environments is imperative.
Previously isolated infrastructure is now easily accessible via remote tools. Industrial control system (ICS) employees can access systems control and data acquisition (SCADA) systems from their phones. While remote access enables agility and fast response times, it also begets questions about cyber security. To what extent does remote access increase the possibility of an incident? How can system operators mitigate risks?
“I deal with a lot of municipal water utilities for small, medium and large-sized cities. In a lot of cases, all of them have a very small IT staff. Some of them have no dedicated security staff at all,” says security expert Lesley Carhart. Ensuring that an adequate number of highly skilled cyber security professionals are available is a must, although a challenge given the cyber skills gap.
Thus far in 2021, the US Department of Homeland Security has given 25 security advisories that mention various vulnerable industrial control systems. When it comes to ICS security, “Preparation is critical because ICS incidents are occurring with increasing frequency and damaging systems,” notes SANS.
Industrial control system security: Notable vulnerabilities
1. Connectivity and integration with external platforms and third party systems provide opportunities for backdoor access and malicious activities.
2. Weak segregation when it comes to IT and OT environments represents a cause for concern. Hackers can get into systems via weak access controls.
3. Patching can be a problem. Organizations may not have resources to contend with system downtime during patching and upgrades. As a result, security can suffer.
Preventing industrial control system attacks
In the US, the Cybersecurity and Infrastructure Security Agency (CISA) provides information designed to empower industry leaders to combat ICS oriented threats.
CISA’s resources focus on:
- Engaging the industrial control systems (ICS) community and encouraging proactive risk management.
- Working collaboratively while leveraging the resources of the federal government.
- Driving positive, lasting and measurable change when it comes to securing the ICS environment.
You may want to explore CISA’s full industrial control system strategy. It is accessible via cisa.gov/ics.
The Environmental Protection Agency (EPA) recently launched a website where utility providers can find up-to-date information about alerts and tools that can assist with cyber resilience.
For additional expert insights into securing industrial control systems, watch this webinar. Learn about defense-in-depth, security settings, and best practices that can help improve your security posture.