ICSs and the Internet – what is actually happening
June 6, 2014
Many ICSs are connected to the Internet and it isn’t expensive to find them. ICSs continue to be connected to the Internet even though they may not be cyber secure. Be careful what you ask for - you just might get it.
There were two recent news items with respect to ICSs and the Internet:
- In 2012, Eireann Leverett estimated the cost of finding industrial systems on the Internet at about $1.59 per device/machine. In 2013, Reid Wightman and Eireann looked for a specific type with known vulnerabilities and got a cost of about $0.12 per vulnerable device. The folks at SCADA Strangelove mentioned they were able to find them at roughly $0.13 per vulnerable device. Last week, Jon Matherly revealed that he has added 7 ICS specific protocols to Shodan. With these 7 queries you can get 55,167 hits as of today. The economics suggests $20 for Shodan API fee /55,167 = $0.0003 per device/machine. Eireann expects it will cost less than 1 penny to find ICS devices on the Internet.
- DHS's ICS-CERT announced that hackers recently targeted and compromised a US public utility's control system. According to the DHS, the hackers broke into the utility's control system by accessing an Internet portal that employees use to sign on remotely. Apparently, the intruders mounted a "brute force" attack, guessing different password combinations until they found one that worked.
Now add the following selected (there are many more known) incidents:
In October 2013, a utility‘s substation located in a state capital had a substation device directly connected to the Internet on one side and SCADA on the other. Even worse, the device vendor’s website allowed the device to be remotely reconfigured.
In April 2014 a major utility’s renewable generation resources were controlled through inadequately secured web portals.
Project Shine found tens of thousands of ICS and ICS-related devices directly connected to the Internet. Even worse, Iran translated the Project Shine website into Farsi.
A US nuclear plant was fined for having control room computer systems used as terminals for Internet-based computer games.
…
The story is that MANY ICSs are connected to the Internet and it isn’t expensive to find them. ICSs continue to be connected to the Internet even though they may not be cyber secure. What’s more the new buzzwords are the “Internet of Things” and the “Industrial Internet” without defining what is really meant by “the Internet”. Be careful what you ask for - you just might get it.
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...