Although a growing number of companies are increasing IT security to address cyberthreats, it appears considerably more needs to be done to safeguard industrial systems, such as those used in power plants and refineries, as well as factories. Indeed, a U.S. government cybersecurity official warned last week that, over the past year, authorities have seen an increase in cyberattacks that penetrate industrial control system networks, which are vulnerable because they are exposed to the Internet.
“We see more and more [cyberattacks] that are gaining access to that control system layer,” Marty Edwards, who runs the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, said at the S4 supervisory control and data acquisition (SCADA) and industrial control system (ICS) security conference, a Reuters story reports. ICS-CERT helps U.S. firms investigate suspected cyberattacks on industrial control systems as well as corporate networks.
The U.S. government has in the past previously accused China and Russia of cyberattacks. Furthermore, in 2013, the U.S. government also accused Iran of orchestrating a number of cyberattacks against U.S. energy companies, which officials described as “worrying.” However, interest in critical infrastructure security has certainly surged since Ukraine authorities recently blamed a power outage on a cyberattack from Russia—which would make it the first known power outage caused by a cyberattack. Experts attending the S4 conference of some 300 critical infrastructure security specialists said the incident has caused U.S. firms to question whether their systems are vulnerable to similar incidents.
What’s troublesome is that industrial operations leverage SCADA systems to control remote equipment and collect data on that equipment’s performance. Not only are attacks against SCADA systems on the rise, they tend to be political in nature since they target operational capabilities within power plants, factories and refineries.
Edwards said he believed the increase in attacks was mainly because more control systems are directly connected to the Internet but security is weak. “I am very dismayed at the accessibility of some of these networks... they are just hanging right off the tubes,” he said in an on-stage interview with conference organizer Dale Peterson, Reuters reports.
None of this is much of a surprise, though. Last year, Dell released its 2015 Dell Security Annual Threat Report, which compiles research from the company’s Global Response Intelligence Defense (GRID) network and telemetry data from Dell SonicWALL network traffic, to identify emerging threats. According to Dell’s research, cyberattacks against SCADA systems more than doubled from 2013 to 2014.
“Everyone knows the threats are real and the consequences are dire, so we can no longer blame lack of awareness for the attacks that succeed,” said Patrick Sweeney, executive director, Dell Security. “Hacks and attacks continue to occur, not because companies aren’t taking security measures, but because they aren’t taking the right ones.”
What’s also interesting that, according to Dell’s report, the majority of the cyberattacks against SCADA solutions took place in Finland, the United Kingdom and the U.S. It’s believed that a likely reason is because SCADA systems are more common in these countries and they are more likely to be connected to the Internet than systems in other countries.
“Since companies are only required to report data breaches that involve personal or payment information, SCADA attacks often go unreported,” said Sweeney. “This lack of information sharing combined with an aging industrial machinery infrastructure presents huge security challenges that will to continue to grow in the coming months and years.”
Based on the recent data coming from the Department of Homeland Security, it seems not much has changed. Considering not only the importance of power plants and refineries, but also their vulnerability, there is much work that needs to be done.
What are your thoughts on the growing number of cyberattacks against industrial control systems?