Enter any industrial segment; you will be shipped to a terrain of challenges, competition, and the war of the survival of the fittest. If automation and control drive most of the industrial activities in hotels, offices, factories, institutes, malls, etc. the cyber security quotient does arise. Cyber threats can lead to brand erosion and potentially significant monetary loss.
Asset owners who exploit automation and control systems like PLC, SCADA, and RFID are aware about the possible threats and accordingly install security solutions to minimize the risk of cyber attacks and breakdowns. Cyber attacks are generally aimed as a result of personal grievance or interrupting industrial activities for various gains, which may be political or monetary gains or business rivalries.
“Industrial automation involves use of open and collaborative networks. Users should be aware of the various threats and exploit measures to safeguard their industrial activities. It is generally a blend of inadequate firewalls, unsecured remote access, and lack of segmentation of network that makes automation and control systems more vulnerable to threats,” says Mr. C P Singh, Founder and Chief Mentor of Smart Automation (a leading service provider of home automation solutions and energy saving products).
Possible cyber threats / what causes cyber threats
• Error by installer / designer in configuring/installing the system
• Hacking of automation and control systems – SCADA, PLC, RFID
• Manipulation of industrial protocol simulated in a control system
• Manipulation of hardware devices
• Keeping a foothold by putting down a Trojan to maintain access
• Exfiltration of VPN configuration files
• Using SQL injection to do HMI attacks
• Cross-site request forgery and stealing of credentials
• Error in running processes and systems by the operator
• No adequate maintenance and upgradation of SCADA, PLC, RFID
• Malicious attacks from internal sources.
Network loopholes not to mention hardware and software issues can also facilitate easy cyber threats. When we speak about hardware and software issues, it is all about unsecured remote terminal units (RTUs), computers, specific HMI, smart phones, peripherals, USBs, etc. How the software is controlled also matters!
Here are few tips asset owners in the industrial segment can follow for safeguarding control systems from cyber attacks:
• Establishing base lines at the port and channel level
• Disable Internet access if you see a threat
• Prioritize on basic password management or changeover management
• Use a USB media lockdown
• Reduce observables for hackers to find you
• Put the control system on a sub-net to deny access to other systems
• Any unused feature of your control system should be secured and maintained
• Do not use unsecured and outdated hardware and software.
Addressing the challenges posed by cyber threats is what many an asset owner today is prioritizing when using automation and control systems.
Asset owners who exploit automation and control systems like PLC, SCADA, and RFID are aware about the possible threats and accordingly install security solutions to minimize the risk of cyber attacks and breakdowns. Cyber attacks are generally aimed as a result of personal grievance or interrupting industrial activities for various gains, which may be political or monetary gains or business rivalries.
“Industrial automation involves use of open and collaborative networks. Users should be aware of the various threats and exploit measures to safeguard their industrial activities. It is generally a blend of inadequate firewalls, unsecured remote access, and lack of segmentation of network that makes automation and control systems more vulnerable to threats,” says Mr. C P Singh, Founder and Chief Mentor of Smart Automation (a leading service provider of home automation solutions and energy saving products).
Possible cyber threats / what causes cyber threats
• Error by installer / designer in configuring/installing the system
• Hacking of automation and control systems – SCADA, PLC, RFID
• Manipulation of industrial protocol simulated in a control system
• Manipulation of hardware devices
• Keeping a foothold by putting down a Trojan to maintain access
• Exfiltration of VPN configuration files
• Using SQL injection to do HMI attacks
• Cross-site request forgery and stealing of credentials
• Error in running processes and systems by the operator
• No adequate maintenance and upgradation of SCADA, PLC, RFID
• Malicious attacks from internal sources.
Network loopholes not to mention hardware and software issues can also facilitate easy cyber threats. When we speak about hardware and software issues, it is all about unsecured remote terminal units (RTUs), computers, specific HMI, smart phones, peripherals, USBs, etc. How the software is controlled also matters!
Here are few tips asset owners in the industrial segment can follow for safeguarding control systems from cyber attacks:
• Establishing base lines at the port and channel level
• Disable Internet access if you see a threat
• Prioritize on basic password management or changeover management
• Use a USB media lockdown
• Reduce observables for hackers to find you
• Put the control system on a sub-net to deny access to other systems
• Any unused feature of your control system should be secured and maintained
• Do not use unsecured and outdated hardware and software.
Addressing the challenges posed by cyber threats is what many an asset owner today is prioritizing when using automation and control systems.
No comments:
Post a Comment