According to TrendMicro, industrial control systems (ICS) is a collective term used to describe different types of control systems and associated instrumentation. This includes the devices, systems, networks, and controls used to operate and/or automate industrial processes. Depending on the industry and sector, each ICS functions differently. The main goal of ICS is to manage tasks and operations electronically. Nowadays, the devices and tools used by ICS are found in almost all industrial sectors. Critical infrastructure such as manufacturing, transportation, energy, and water treatment also rely on ICS. In other words, industrial controls systems support many individual businesses as well as national critical infrastructure throughout the world. Conventional power stations, nuclear power plants, and water distribution systems are just a few of the entities that rely on ICS. Due to this dependency on ICS, these systems continue to garner the interest of bad actors who aim to disrupt the availability and integrity of industrial processes and the services they provide to society.
So, what factors impact industrial cybersecurity? What strategies and measures are being employed, and what can be expected in the future regarding cybersecurity in the industrial sector?
Below are some sobering statistics with regards to cyber attacks on ICS’s. These stats were primarily pulled from the ICS Risk & Vulnerability Report by Claroty and The State of Industrial Cybersecurity by Kaspersky, which surveyed 282 industrial companies across the globe.
(1) 70% of companies operating ICS software reported vulnerabilities due to the huge increase in remote work resulting from COVID-19. Consequently, it has increased the potential of remote attacks on ICS because of the increased amount of remote connections to operational technology networks that are usually more secure.
Check out our COVID-19 Impact Report: Cybersecurity Edition to learn more about the impact COVID has had on cyber programs.
(2) Engineering workstations (EWS) and Programmable logic controllers (PLC) are the most impacted. As stated earlier, ICSs are used in many different sectors. They therefore include different types of systems. According to the Claroty report:
- Engineering workstations (EWS) accounted for 57.7% of the weak points
- Programmable logic controllers (PLC) accounted for 28.9%
(3) Energy, critical manufacturing, and water & wastewater infrastructure sectors have clearly been the hardest-hit entities. Compared to the first half of 2019, the water & wastewater sector experienced a 122.1% increase in attacks, while the critical manufacturing and energy sectors respectively experienced 87.3% and 58.9% increases.
(4) Concerns around an ICS cybersecurity incident: According to Kaspersky: When asked to rank their concerns around an ICS cybersecurity incident, respondents primarily cited the health and safety of their employees (78%), as well as possible damage to the quality of their products or services (77%) as major worries, should the worst happen. The loss of customer confidence (63%) and possible damage to equipment (52%) were also rated as significant concerns.
(5) Over 50% companies are aware of the need to provide more resources for OT/ICS cybersecurity. According to the Kaspersky report, among the 282 industrial companies and organizations across the globe that were surveyed online, more than half (52%) of the surveyed companies are aware of the need to provide more resources for OT/ICS cybersecurity.
(6) Over 80% of companies stated that they have developed their own written ICS cybersecurity standard. In 2018, this was only true for 62% of the companies surveyed. Since then, customer compliance with IEC 62443 has grown.
(7) 25% of companies already use digital services in connection with OT/ICS automation & another 40% plan to use digital services within the next 12 months. Since the number of gateways to the internet is exponential due to digitalization, these may become conduits for viruses.
(8) 10-15% increase for operator awareness training, endpoint protection, and OT/ICS security audits. When asked how ICS cybersecurity budgets will be used in the future, companies reported on average a 10-15% increase for operator awareness training, endpoint protection, and OT/ICS security audits.
As for other systems, the main threats for industrial controls are often linked to unprotected remote access connections, phishing attacks, and internal threats. Furthermore, fully air-gapped ICS networks, completely isolated from cyber threats have become very uncommon, which is why internet-facing ICS devices and remote connections must be managed and secured.
ICSs have become ubiquitous, and are literally relied on in life-or-death situations. Cybersecurity in the industrial controls sector cannot be neglected and, security wise, it should be a top priority of these businesses and the governments which rely on their services. We can expect the number of cyber attacks and vulnerabilities to keep increasing as cybercriminals find innovative ways to attack. Good cyber hygiene is a must and managing the performance of your cyber program is a necessity.
Schedule a demo to learn more about how TDI and CnSight can help.