By Jalal Bouhdada
Manufacturing has entered a digital revolution with the advent of Industry 4.0 or the Industrial Internet of Things (IIoT) putting technology at the heart of processes, increasing quality, speed to market and cost-effectiveness.
However, with opportunity and innovations such as plant-wide connectivity, however, comes threat.
The following are a look at the industrial security threats that should be on the agenda of every security professional in 2017:
IoT botnets – With an increasing number of unsecured IoT devices, we will likely see a greater number of botnets taking control. The Mirai botnet, for example, harvested the power of half a million devices and has already taken down ISPs, shutting down internet access in Liberia. This botnet is also available as a service for purchase on the dark web. This year, we can expect a perfect storm of connected devices heading for critical infrastructure.
Critical infrastructure in cyberwarfare – Greater reliance on insecure networked technology within critical infrastructure leaves holes for threat actors to exploit and nation states are likely to be some of the first with the sophistication to do so. With the changing geopolitical situation in Europe, the U.S. and the Middle East, there will be a greater number of targeted nation-sponsored attacks. Should a breach be successfully carried out, examples of the resulting impact could include black-outs, transportation chaos and the disruption of water source containment.
Black market exploits for SCADA – With business systems under increasing attack, the larger financial reward from successful hacks will only attract more threat actors. This year will see a greater trade in cyber weapons and SCADA exploits through the dark web. IoT botnets are already for sale, with creators requiring a percentage of the money made from an attack, rather than an upfront payment, reducing any barriers to hacking systems.
APTs targeting SCADA systems – Advanced Persistent Threats (APTs), where attackers gain access to a network and remain undetected for long periods, will increasingly target industrial control system architecture such as SCADA. This could impact physical processes and manipulate systems, with the power to damage equipment or even cause severe damage. What remains to be seen is whether these hacks will end up discovered and mitigated, or remain covert.
Drone-based attacks – Hackers are set to better utilize drone technology to break into the networks of industrial facilities. Through hovering close by or even landing on target buildings, drones can be used to bypass any proximity security in place, successfully tracking keystrokes through wireless keyboards, for example. With increasing convergence, successful attacks on IT systems now may provide hackers the means to target operational technology, resulting in unplanned downtime of critical systems.
Jalal Bouhdada is the founder and principal ICS security consultant for ICS security provider Applied Risk. He has over 15 years’ experience in Industrial Control Systems (ICS) security assessment, design and deployment with a focus on Process Control Domain and Industrial IT Security.