Insidious ICS Hacks Underscore Need of Industrial Control Systems Hardening at the Network, Endpoint, and Protocol Level
Industrial Control Systems (ICSs), including Supervisory Control and Data Acquisition (SCADA) systems and Programmable Logic Controllers (PLCs) are the basis of critical industries. Still, many are not designed for an increasingly connected industrial environment and usually lack rudimentary security features. Only less than 5% of critical industrial infrastructure is monitored for threats, which means advanced malware such as the ICS-specific Pipedream malware can wreak havoc on industrial organizations. Newer malware like Pipedream can infiltrate ICSs across industrial sectors, making them more versatile than previous industrial malware that was dedicated to specific industrial segments. Hackers can run amok in ICSs for months or even years before being identified. By that time, considerable damage can be done, even if the system appears to function.
ABI Research, a global technology intelligence firm, forecasts that by 2030, connected machines and production systems within factories will exceed 1.2 billion connections. Industrial 4.0 and industrial Internet technology investments are expected to grow from US$41 billion in 2022 to nearly US$200 billion by 2030. This burgeoning environment expands the attack vector and will contribute to various security solutions given the assortment of networks, endpoints, and connection protocol heterogeneity.
To mitigate attacks against industrial organizations, it is necessary to adopt three major ICS hardening solutions in parallel. These solutions are endpoint and network security and securing ICS protocols. These are areas where hardening takes place.
“An attack on network infrastructure targets the connection between ICS devices and the SCADA system or attempts to intercept data in movement. This could include eavesdropping on network traffic, disrupting network communications, or exploiting vulnerabilities in network devices, such as switches or routers. An ICS cyberattack could also target the data stored within ICSs. An attack on endpoints targets applications, systems, or devices connected to an industrial control network,” explains Michael Amiri, Senior Industrial Cybersecurity Analyst at ABI Research.
Most ICS-connected components, such as PLCs, are connected via physical fixed lines, such as Ethernet technology using cables. “Most other connected industrial applications from industrial pumps, intelligent industrial electric motors, and robots to HMIs are also connected with fixed lines. This means protocol cybersecurity and firewalls, authentication technologies, and unidirectional gateways will see strong demand for the foreseeable future,” Amiri says.
Amiri notes that other modes of connectivity in industrial settings, including 5G and LPWA-LTE, are rapidly growing and will be prominent modes of industrial connection by 2030, meaning that vendors that provide 5G network security will see a ripe market for growth. “The market for fixed-line security will be the largest, but 5G connectivity security is the most promising, especially for new entrants,” he says.
The ICS cybersecurity environment can generally be categorized into software cybersecurity providers, hardware security, and manufacturers of ICS equipment. Larger companies, such as ABB and Siemens, provide all these services. Others, such as OTORIO or Irdeto, are software cybersecurity companies focusing specifically on software solutions installed on the network. NXP is a semiconductor and Microcontroller Unit (MCU) manufacturer, yet advanced chips are increasingly deployed in industrial equipment and network connectivity so that they can be categorized as an integral part of ICS components.
These findings are from ABI Research’s Industrial Control Systems Security: Hardening Networks and Endpoints application analysis report. This report is part of the company’s Industrial Cybersecurity research service, which includes research, data, and analyst insights. Based on extensive primary interviews, Application Analysis reports present an in-depth analysis of key market trends and factors for a specific technology.