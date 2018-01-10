A common nightmare scenario for cyber security professionals is a debilitating attack on an industrial facility like a chemical plant or oil refinery. Hackers can poison America at the push of a button, so the story goes. Is this a realistic scenario? Yes and no.

The premise of the deadly industrial cyberattack is that Industrial Control Systems (ICSs) are vulnerable to being turned off remotely by means of malware or denial of service attacks. This is a risk, obviously, but it may be a little bit overstated. Any information system can be compromised in this way. However, in general, ICSs enjoy a number of built-in protections from external attack.

ICSs, by design, are usually segregated from the main corporate networks and information infrastructure. ISC administrators do not want their systems to be subject to the outages and risks faced by the general corporate network. They generally do not allow for remote access, e.g. via VPN, which is a common attack vector in mainstream cyber threats. ICSs are also usually built on proprietary processors and operating systems.

An ICS is a lot harder to hack than a basic corporate server. It’s hard to reach from outside. It’s less vulnerable to tricks like spear phishing. Given its network segregation, it would be difficult to shut off an ICS with a Denial of Service attack.

Risks are increasing for ICS, however, through a well-intentioned effort known as Industry 4.0. Industry 4.0 is trying to move the ICS into the realm of the Internet of Things (IoT). It puts capabilities like interoperability, data transparency and autonomous cyber systems into the service of industrial operations. Its openness, self-directed and interconnected nature create new security challenges.

Industry 4.0 potentially increases risk by opening up industrial systems to the outside world. A security breach, or any IT disruption for that matter, could bring the production process to a halt. The personnel managing these systems may not be familiar enough with the risks of interconnectedness to prepare adequate controls and countermeasures.

For example, connected systems can predict their own failure and automatically perform maintenance. They can automatically react to production changes. People may or may not be involved. This development may benefit business, but it represents an increase in risk. If a critical industrial system is self-governing, it could cause harm if a malicious actor gained unauthorized administrative access to it.

There are solutions. Privileged Access Management (PAM) solutions can mitigate the risk of unauthorized access to an ICS. With this type of solution, an industrial IT department can define, enforce and manage access control policies globally and view comprehensive reports of all network activity.