5 industrial control system cyber security mistakes

From spear phishing to encryption errors, there are many ways to let bad guys into your networks.


Recently, I attended ICS Cyber Security (301) Training at the U.S. DHS CERT facility in Idaho Falls, Id. The five-day event featured hands-on training in discovering who and what is on the network, identifying vulnerabilities, learning how those vulnerabilities may be exploited, and learning defensive and mitigation strategies for ICSs (industrial control systems). Here are five key takeaways from that training.

1. Spear phishing attacks

Do you know how most computer networks are compromised? By employees who can’t resist an email with the subject line “Click here to get free gas for a year.” Literally, that is the subject line. This is called phishing, and it's the most prevalent way that a hacker gets through a company’s initial network defenses. Phishing emails go to large volumes of addressees and use a generic offer, such as free gas or an error from a bank. Spear phishing is directed more specifically at a particular company or other smaller group of individuals and uses a more tailored offer. Either way, this technique uses a malicious email that effectively plants a tiny program, known to most people as a virus or malware but functionally different, that grants access to the victim’s computer from outside the network. The difference is that, instead of implanting a virus, the attacker uses this access to explore the network secretly. There are easy, generally available tools that can be used to find further weaknesses that allow additional access deeper into the network, and ultimately to the industrial control system.

2. Wi-Fi weaknesses

You may be enjoying the convenience of using Wi-Fi on your control network. However, if your wireless networking equipment was installed before 2006, it is likely other people can also enjoy using it to get access to your equipment! The only safe way to go wireless is with WPA2 encryption. This is standard on all new COTS (commercial off-the-shelf) equipment and is considered safe, at least for now.

3. Hard drive encryption

If you have a strong laptop password but choose not to encrypt your hard drive, a thief who steals your laptop can have full access to your company’s network. This access is generally gained through Microsoft machines’ connectivity, the feature that allows you to move from office to office while still maintaining connection to your network. Connectivity works because Microsoft stores a “token” or “hash” on your computer that says “Hey, this is a trusted company laptop with a correct password.” Attackers can use your token or hash to spoof a system into thinking that another laptop is your trusted company laptop, and then they can gain access to your network. The only way to prevent this is to encrypt your hard drive. This process is actually fairly simple, so ask your network administrator how to do this if you travel a lot with your laptop.

4. Remote access

Since many PLCs and other industrial controllers now have web browsers, many people like to log in from home to keep up with what’s happening at the plant. However, they don’t realize that a few extra steps are needed to make sure an attacker can’t also enjoy that convenience. Embedded web browsers in PLCs assume that they are for internal use only, so they have little or no security features. Did you know that there are systems that actually search for PLCs on the Internet? Check out shodanhq.com to see if your PLC has been found yet. Do you want a bored 15-year-old to shut off your cooling tower, or something more important? Don’t be tempted to add external access to your control network without the proper layered security, or you might be the next Internet hacking headline.

5. Software patching

There is no clear answer to the “to patch or not to patch” question. Many software companies recommend, or explicitly state, that systems should receive software updates and patches to prevent them from being exploited through known vulnerabilities. But what if a patch causes your HMI (human machine interface) to crash? What is worse, a possible exploit or an unplanned outage caused by a failed software update? To the technician who anticipates being the person receiving the blame when the system crashes because of the patch, that answer is clear. So what is a technician to do? The only solution is to know what vulnerabilities exist in your system. Maybe some extra care and protection are required for your HMIs running Windows 2000. For example, maybe you need an extra firewall. You might find that less attention is needed for new Windows 7 HMI computers when they are regularly updated by IT.
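The prioritization described above can be written down as a small triage over an HMI inventory. This is an added example, not code from the article or the training; the asset names, the priority numbers, the recommended actions and the `remote_access` weighting are assumptions chosen for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

# Assumption: OSes that no longer receive vendor patches. The article names
# Windows 2000; extend the set for your own plant.
END_OF_SUPPORT = {"Windows 2000"}

@dataclass
class Asset:
    name: str
    os: str
    patched_regularly: bool      # updated on a schedule, e.g. by IT
    extra_firewall: bool         # dedicated firewall in front of this asset
    remote_access: bool = False  # reachable from outside the control network

def triage(asset: Asset) -> tuple[int, str]:
    """Return (priority, action); a higher priority means act sooner."""
    if asset.os in END_OF_SUPPORT:
        # No patch is coming, so protection must be a compensating control.
        if asset.extra_firewall:
            prio, action = 1, "keep isolated, plan replacement"
        else:
            prio, action = 3, "add extra firewall"
    elif not asset.patched_regularly:
        prio, action = 2, "test patch, apply in planned outage"
    else:
        prio, action = 0, "routine monitoring"
    # Outside reachability raises the stakes of any open finding.
    if asset.remote_access and prio > 0:
        prio += 2
    return prio, action

def worklist(assets: list[Asset]) -> list[tuple[int, str, str]]:
    """Rank assets so the riskiest systems come first."""
    rows = [(triage(a)[0], a.name, triage(a)[1]) for a in assets]
    return sorted(rows, key=lambda r: (-r[0], r[1]))

# Constructed sample inventory (hypothetical names).
INVENTORY = [
    Asset("HMI-01", "Windows 2000", False, False),
    Asset("HMI-02", "Windows 2000", False, False, remote_access=True),
    Asset("HMI-03", "Windows 7", True, False),
    Asset("HMI-04", "Windows 7", False, False),
    Asset("HMI-05", "Windows 2000", False, True),
]

if __name__ == "__main__":
    for prio, name, action in worklist(INVENTORY):
        print(f"{prio}  {name}  {action}")
```
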

Security takes time and effort, and properly prioritizing your response can give you the best protection for the lowest cost. For more, visit the ICS-CERT overview of cyber vulnerabilities.

This post was written by Bruce Billedeaux, PE. Bruce is a senior consultant at MAVERICK Technologies, a leading system integrator providing industrial automation, operational support, and control systems engineering services in the manufacturing and process industries. MAVERICK delivers expertise and consulting in a wide variety of areas including industrial automation controls, distributed control systems, manufacturing execution systems, operational strategy, and business process optimization. The company provides a full range of automation and controls services – ranging from PID controller tuning and HMI programming to serving as a main automation contractor. Additionally MAVERICK offers industrial and technical staffing services, placing on-site automation, instrumentation and controls engineers.
