How to Improve Industrial Automation Security

The post How to Improve Industrial Automation Security first appeared on the ISA Interchange blog site.

This excerpt from InTech magazine was written by Sven Schrecker, chief architect of Intel Security’s IoT Security Solutions Group.

The history of industrial automation fascinates me. Continuous innovation and new technologies have taken manufacturing processes that originated in the Industrial Age and catapulted them straight into the information age. Just as productivity seemed to be topping out, the Internet helped boost productivity and efficiency to previously unimaginable levels. Unfortunately, as industrial automation roared into today’s data-driven, Internet-connected world, it sped past digital security without taking its foot off the accelerator.


Welcome to the digital age, where an anonymous hacker in some virtual landscape can throw a wrench into industrial automation systems. How do we secure these systems while still meeting the needs of corporate stakeholders? Operational technology (OT) teams still demand high resiliency and availability. Information technology (IT) teams demand interconnectivity, enterprise security, and compliance. And both of these teams must accommodate the new kids on the block: data analysts who require real-time data capture, sharing, and analysis for every decision in the business.

This article discusses the current state of industrial automation system security, the technological and organizational challenges of improving it, and a dynamic model for embedding end-to-end trust and security into industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems.

Crime and conflict have a new address

Physical break-ins and attacks on SCADA and ICS systems are largely a twentieth-century phenomenon. The overwhelming majority of attacks today are carried out by well-resourced, highly motivated attackers who are often accomplished software engineers working for cybercrime syndicates on other continents. Business competitors and nation states are the latest cyberwarfare participants, as the battleground has expanded to include manufacturing facilities, entertainment companies, and critical infrastructure. Here are a few noteworthy examples:

  • The most notorious attack on an industrial automation system came in 2010, when the Stuxnet computer worm attacked industrial programmable logic controllers within an Iranian nuclear enrichment facility, subtly manipulating the feedback data of centrifuge units. This is believed to be one of the first attacks carried out by a nation state, although the source of the attack was never authoritatively identified.
  • In December 2014, a German federal agency confirmed that a German steel plant was targeted by a malicious email that allowed hackers to cross over into the production network. The plant’s control system was compromised, preventing the furnace from being shut down. This was the first time that “massive physical damage” to a production system was experienced, and it catapults us into the new age of cyber-physical attacks with safety threats for humans.
  • In December 2014, a leading industrial automation system provider patched a series of flaws in its remote terminal unit controllers used in oil and gas pipelines. The flaws included hidden functions, an authentication bypass, and hard-coded credentials, which could allow remote exploits of the devices. Although no breaches have been reported to date, vulnerabilities like these could have extremely dire consequences.

Sadly, these types of security events continue to increase both in terms of damage and frequency. For a current list of alerts, advisories, and reported attacks, visit the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) website.

Attacking data

Data capture and analysis is today’s competitive weapon—generating analytical insights that refine and optimize processes in every area of business. It is not uncommon for manufacturers to invest hundreds of millions of dollars to achieve a 10 to 20 percent efficiency increase. The efficiencies come from data-driven decisions gained through insights from customer use and demand, purchasing, supply-chain optimization, manufacturing production processes, predictive planning, and more.

By hacking and subtly manipulating data, attackers can de-optimize a company’s processes without anyone even knowing. Even the most subtle data manipulation in any of these areas can cripple a business that is on razor-thin margins.


About the Author
Sven Schrecker is the chief architect of Intel Security’s IoT Security Solutions Group. He co-chairs the Security Working Group for the Industrial Internet Consortium, where he works on open, standards-based platforms to enable end-to-end security across both existing (brownfield) and new (greenfield) technologies.

Source: ISA News