During last week's ICS Cyber Security Conference in Atlanta (the world's oldest Industrial Control security conference), we made an announcement that sounded obvious to us but was surprising to many attendees:
Industrial Control Systems (ICS) and Supervisory control and data acquisition (SCADA) systems have lived in relative obscurity for decades. These devices and controllers use proprietary protocols in their build, software stacks, and communications protocols. Now they are using the same technology as your smart home controller or WiFi camera.
Industrial Control Systems (ICS) use the same technology as Internet of Things (IoT) devices and are susceptible to similar attack vectors as your DVR or WiFi Camera.
What is the Internet of Things anyway? Embedded devices have been around for decades. They are single-purpose operating systems or mini computers with a specialized function. What is new with the "Internet of Things" is the unprecedented connectivity and ubiquity of devices.
We see many legacy control systems connected to IP or Ethernet-based networks. In Europe, "Industry 4.0" is driving connectivity of the manufacturing floor. We see programmable logic controllers with Ethernet connections and old-school traffic control systems with IP-capability. There are clear business drivers for this "digital transformation" as connectivity and data analytics bring insights to drive down costs, improve efficiency and reduce downtime.
The industry is choosing cheap Systems-on-Chip (SOS)s over custom and expensive Application Specific Integrated Circuits (ASICs). These SoCs use embedded firmware, opening ICS devices up to the same attack vectors as consumer products:
ICS = IoT because industry is choosing SoCs and FPGAs with embedded firmware and OS instead of custom ASICs.
The attack vectors for the Industrial Internet of Things are different from traditional malware that spreads between computers and servers. Attackers can extract firmware and use it to create remote exploits. Firmware vulnerabilities can propagate from edge devices all the way up to exploit desktops and HMI systems. As we look for solutions to address this new threat model, we need to leverage the unique behavior of connected devices for their protection.
Join us at one of our upcoming trainings or events and learn more about securing the digital transformation.