Industrial security threats to watch out for in 2017

Industrial security threats such as IoT botnets, critical infrastructure vulnerabilities, and black market supervisory control and data acquisition (SCADA) exploits are industrial security concerns that should be on the radar in 2017.

03/08/2017


Manufacturing has entered a digital revolution with the advent of Industrie 4.0 or the Industrial Internet of Things (IIoT) putting technology at the heart of processes, increasing quality, speed to market, and cost-effectiveness. However, with opportunity and innovations such as plant-wide connectivity, however, comes threat. These industrial security threats that should be on the agenda of every security professional in 2017:

IoT botnets — With an increasing number of unsecured Internet of Things (IoT) devices, we will likely see a greater number of botnets taking control. The Mirai botnet, for example, harvested the power of half a million devices and has already taken down ISPs, shutting down internet access in Liberia. This botnet is also available as a service for purchase on the dark web. This year, we can expect a perfect storm of connected devices heading for critical infrastructure.

Critical infrastructure in cyberwarfare — Greater reliance on insecure networked technology within critical infrastructure leaves holes for threat actors to exploit and nation states are likely to be some of the first with the sophistication to do so. With the changing geopolitical situation in Europe, the U.S. and the Middle East, there will be a greater number of targeted nation-sponsored attacks. Should a breach be successfully carried out, examples of the resulting impact could include black-outs, transportation chaos and the disruption of water source containment.

Black market exploits for SCADA — With business systems under increasing attack, the larger financial reward from successful hacks will only attract more threat actors. This year will see a greater trade in cyber weapons and supervisory control and data acquisition (SCADA) exploits through the dark web. IoT botnets are already for sale, with creators requiring a percentage of the money made from an attack, rather than an upfront payment, reducing any barriers to hacking systems.

APTs targeting SCADA systems — Advanced persistent threats (APTs), where attackers gain access to a network and remain undetected for long periods, will increasingly target industrial control system architecture such as SCADA. This could impact physical processes and manipulate systems, with the power to damage equipment or even cause severe damage. What remains to be seen is whether these hacks will end up discovered and mitigated, or remain covert.

Drone-based attacks — Hackers are set to better utilize drone technology to break into the networks of industrial facilities. Through hovering close by or even landing on target buildings, drones can be used to bypass any proximity security in place, successfully tracking keystrokes through wireless keyboards, for example. With increasing convergence, successful attacks on information technology (IT) systems now may provide hackers the means to target operational technology, resulting in unplanned downtime of critical systems.

Jalal Bouhdada is the founder and principal ICS security consultant for Applied Risk. He has over 15 years of experience in industrial control systems (ICS) security assessment, design and deployment with a focus on process control domain and industrial IT security. This content originally appeared on ISSSource.com. ISSSource is a CFE Media content partner. Edited by Chris Vavra, production editor, CFE Media, Control Engineeringcvavra@cfemedia.com

ONLINE extra

See additional stories from ISSSource about the IIoT linked below.



Engineers' Choice Awards
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers. Vote now (if qualified)!
System Integrator Giants
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
System Integrator of the Year
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
How to Maximize Factory Automation Efficiency with Low Cost Machine Vision
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Wireless Reliability in Harsh Environments
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
Human Factors and the Impact on Plant Safety
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
April 2018
Cybersecurity best practices, artificial intelligence, robotic additive manufacturing, embedded systems, IIoT integration, energy efficiency
March 2018
Digitalization integration, process sensors, edge computing, fog computing, condition monitoring, and motors
February 2018
DCS visibility, alarm management, motors and drives, robotic machining, Engineers' Choice winners
HMIs
Automation and controls continue to help HMI hardware and software advance. As computing capabilities progress, hardware has become more rugged with less maintenance required, with wider environmental capabilities, and integrated input/output (I/O) connections.
IIoT: Machines, Equipment, & Asset Management
Articles in this digital report highlight technologies that enable Industrial Internet of Things, IIoT-related products and strategies.
Machine Vision
This article collection contains several articles on how advancements in vision system designs, computing power, algorithms, optics, and communications are making machine vision more cost effective than ever before.
SIDB

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

April 2018
ROVs, rigs, and the real time; wellsite valve manifolds; AI on a chip; analytics use for pipelines
February 2018
Focus on power systems, process safety, electrical and power systems, edge computing in the oil & gas industry
December 2017
Product of the Year winners, Pattern recognition, Engineering analytics, Revitalize older pump installations
John O. Ayuk, PE, CFSE, PMP, CAP
Automation Engineer; Wood Group
Doug Baker
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
Data Centers: Impacts of Climate and Cooling Technology
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
Safety First: Arc Flash 101
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
Critical Power: Hospital Electrical Systems
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
Engineers' Choice Awards
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers. Vote now (if qualified)!
System Integrator Giants
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
System Integrator of the Year
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
How to Maximize Factory Automation Efficiency with Low Cost Machine Vision
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Wireless Reliability in Harsh Environments
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
Human Factors and the Impact on Plant Safety
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
April 2018
Cybersecurity best practices, artificial intelligence, robotic additive manufacturing, embedded systems, IIoT integration, energy efficiency
March 2018
Digitalization integration, process sensors, edge computing, fog computing, condition monitoring, and motors
February 2018
DCS visibility, alarm management, motors and drives, robotic machining, Engineers' Choice winners
HMIs
Automation and controls continue to help HMI hardware and software advance. As computing capabilities progress, hardware has become more rugged with less maintenance required, with wider environmental capabilities, and integrated input/output (I/O) connections.
IIoT: Machines, Equipment, & Asset Management
Articles in this digital report highlight technologies that enable Industrial Internet of Things, IIoT-related products and strategies.
Machine Vision
This article collection contains several articles on how advancements in vision system designs, computing power, algorithms, optics, and communications are making machine vision more cost effective than ever before.
SIDB

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

April 2018
ROVs, rigs, and the real time; wellsite valve manifolds; AI on a chip; analytics use for pipelines
February 2018
Focus on power systems, process safety, electrical and power systems, edge computing in the oil & gas industry
December 2017
Product of the Year winners, Pattern recognition, Engineering analytics, Revitalize older pump installations
John O. Ayuk, PE, CFSE, PMP, CAP
Automation Engineer; Wood Group
Doug Baker
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
Data Centers: Impacts of Climate and Cooling Technology
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
Safety First: Arc Flash 101
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
Critical Power: Hospital Electrical Systems
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
Engineers' Choice Awards
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by Control Engineering subscribers. Vote now (if qualified)!
System Integrator Giants
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
System Integrator of the Year
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
How to Maximize Factory Automation Efficiency with Low Cost Machine Vision
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Wireless Reliability in Harsh Environments
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
Human Factors and the Impact on Plant Safety
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
April 2018
Cybersecurity best practices, artificial intelligence, robotic additive manufacturing, embedded systems, IIoT integration, energy efficiency
March 2018
Digitalization integration, process sensors, edge computing, fog computing, condition monitoring, and motors
February 2018
DCS visibility, alarm management, motors and drives, robotic machining, Engineers' Choice winners
HMIs
Automation and controls continue to help HMI hardware and software advance. As computing capabilities progress, hardware has become more rugged with less maintenance required, with wider environmental capabilities, and integrated input/output (I/O) connections.
IIoT: Machines, Equipment, & Asset Management
Articles in this digital report highlight technologies that enable Industrial Internet of Things, IIoT-related products and strategies.
Machine Vision
This article collection contains several articles on how advancements in vision system designs, computing power, algorithms, optics, and communications are making machine vision more cost effective than ever before.
SIDB

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

April 2018
ROVs, rigs, and the real time; wellsite valve manifolds; AI on a chip; analytics use for pipelines
February 2018
Focus on power systems, process safety, electrical and power systems, edge computing in the oil & gas industry
December 2017
Product of the Year winners, Pattern recognition, Engineering analytics, Revitalize older pump installations
John O. Ayuk, PE, CFSE, PMP, CAP
Automation Engineer; Wood Group
Doug Baker
System Integrator; Cross Integrated Systems Group
Jose S. Vasquez, Jr.
Jose S. Vasquez, Jr.
Fire & Life Safety Engineer; Technip USA Inc.
Data Centers: Impacts of Climate and Cooling Technology
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
Safety First: Arc Flash 101
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
Critical Power: Hospital Electrical Systems
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
click me