Monthly Magazine "March 2021"

Published on 21-Apr-2021 13:59:00



Industrial Control Systems Cybersecurity and the next step on the path of 4IR

Industrial Control System (ICS) is the general name for the tools used for process control and automation in critical infrastructure and modern manufacturing plants. Whether in an automated food factory, a metro rail, or even a nuclear power plant, Industrial Control Systems are present everywhere. Utilities such as electricity and water are distributed using automated Industrial Control Systems. They are essential to the Fourth Industrial Revolution, because the industries that will drive that revolution are themselves controlled by ICS. But an imminent cyber threat is swarming around ICS and growing stronger every day. If we ignore this threat and do not act the right way, it can ruin even our current industries, let alone our future progress. Examples of ICS include PLC, SCADA, DCS, etc.

The newest ICS can be controlled over the internet from remote locations. Different kinds of Industrial IoT data acquisition also make it easy for administrators to monitor every aspect of the factory and gain efficiency in cost per unit of production. This remote connectivity, whether for control or data acquisition, is becoming the door through which hackers can attack from anywhere in the world. Even process control hardware such as PLC, SCADA, or any other type of ICS that is not connected to the internet is not one hundred percent safe from the bad guys. Becoming aware and preparing as best you can is now the first requirement for keeping modern life going. If you do not act in time, blaming someone afterwards is the last thing you can put on your to-do list.

The situation of Industrial Control Systems Security events around the world

ICS cyberattacks first became visible with the discovery of the STUXNET malware in 2010. Other ICS-targeted malware, such as HAVEX, BLACKENERGY2, CRASHOVERRIDE, and TRISIS, then got the attention of both the cyber world and the physical world with a significant amount of destruction. New malware targeting ICS has kept coming since then. How severe were their actions? According to Wikipedia, STUXNET infected 200,000 computers and then ruined over 1000 machines. Ukraine's power grid was attacked by malware, after which more than 80,000 electricity customers lost connection. The years 2010 to 2020 were eventful for ICS security incidents of this kind. But those events are a little old now. Dragos Inc, a leading cybersecurity company from the USA, published "ICS Cybersecurity 2020 year in review". Their research found a total of 15 hacker groups that were very active in attacking ICS around the world in 2020. Of these 15 groups, 4 were new in 2020, on top of 11 previously active groups. The 4 new groups are STIBNITE, TALONITE, KAMACITE, and VANADINITE. They recorded a 21% increase in vulnerabilities in 2020 compared with 2019. According to Dragos, in March 2020 PARISITE exploited Citrix vulnerability CVE-2019-19781 in intrusions targeting oil and gas entities. In April, new DTrack malware was created by the WASSONITE group. The ALLANITE group was found collecting credentials for the water and wastewater sectors in the following month. ALLANITE and DYMALLOY continued to target multiple United States (U.S.) industrial entities from September through October 2020. CHRYSENE was involved in malware development and used new tools to infiltrate ICS networks in the Middle East for intelligence gathering purposes.

On 5 February 2021, cybercriminals accessed a water plant in Florida and altered the chemical mixing amount [3]. Luckily, an operator saw the mouse cursor moving and selecting different controls on the controller. Otherwise, who knows what the result would have been.

The cybersecurity firm Claroty reported that 893 ICS vulnerabilities were revealed in 2020. 70% of these reported vulnerabilities can be exploited and controlled remotely. The vulnerabilities were found in products from around 50 vendors, and millions of these vendors' ICS are deployed around the world. According to research (https://cisomag.eccouncil.org/cyberattacks-on-ics-in-h1-2020-decline/), 37.8% of ICS-related computers were attacked from January to June 2020. The research found that Asia and Africa are the worst prepared for such attacks. Unfortunately, 10% of the attacked companies do not even realize that they were attacked and that their systems are compromised [4]. This is because the harm is sometimes easy to see with the naked eye and sometimes not visible at all. As an example of an easily recognizable attack, suppose an electrical distribution system goes down and electricity users no longer get electricity. The electricity supplier will certainly investigate and find that it was hacked. But sometimes an adversary will just manipulate your machine so that the product you make is lower in quality, a kind of slow poisoning. Suppose companies A and B produce ice cream. Company A is the best at what it does and B is second on the list. A's ice cream is the market favorite. Now the bad guys can covertly hack A's automated ice cream machine and alter the recipe a little, so that A's ice cream no longer tastes the best. B's ice cream will then certainly be the best and will go to the top.
