ICS / SCADA / IOT Security
Cyberteam Security Services provides Industrial Control System (ICS), Supervisory Control and Data Acquisition (SCADA) and Internet of Things (IoT) security solutions for threats to oil and gas, power, water, medical, automobiles, and household and personal devices, for these three reasons:
- ICS / IoT Risk – Complex legacy technology installed 30 or more years ago and high attack consequences lead to high cybersecurity risks for most ICS and IoT devices and systems.
- ICS Architecture – IT security professionals generally have a weak technical understanding of existing legacy ICS and the latest IoT systems, architectures, and security risks.
- Two-Step Security Integration – Current ICS, SCADA, and IoT security is generally more focused on traditional controls as a base for later enhancements.
The specific endpoint devices relevant to ICS, SCADA, and IoT include, but are certainly not limited to, the following obvious device classes:
- Industrial Devices – This group of industrial devices is by far the broadest category from a cybersecurity perspective because it affects so many critical infrastructure systems and essential services. The control elements for ICS are typically referred to collectively as SCADA, and many unique cybersecurity issues arise in the protection of ICS / SCADA systems from malicious attacks.
- Medical Devices – This group of devices relates to medical privacy as well as assuring the integrity of life-critical treatments. Traditional mobility security and encrypted application VPN technology apply here, but medical device connectivity to the Internet introduces problems similar to ICS / SCADA.
- Connected Cars – In the next few years, all automobiles will become natively connected to the Internet across mobile service provider (MSP) wireless infrastructure. Infrastructure security issues associated with connected cars are similar to ICS / SCADA, but as autonomous vehicles become more regularly seen across the world, securing the communication protocols between cars will emerge as a new area of cybersecurity. Academics should be working more vigorously today to establish foundational frameworks for secure inter-vehicle communications.
- Household and Personal Devices – This device grouping is included in the Internet of Things (IoT) and includes whimsically connected items such as toys and refrigerators, but also bleeds into traditional mobility with items such as wearable devices. IoT generally refers to connected devices that are neither mobile devices, computers, nor ICS systems with safety, life, and critical infrastructure implications.
Industrial Control System and IoT Technologies
In general, the primary functional components in an ICS can be listed as follows:
- Management System – Management systems include the consoles and human-machine interfaces required for Industrial Control System operators to control and operate an ICS. Many ICS management systems include proprietary software and systems developed long before the industrial endpoints were being considered for remote access. Cyber criminals obviously have a great interest in finding and owning these systems.
- Diagnostic System – Diagnostic systems organize sensor telemetry information for use by Industrial Control System operators. Diagnostics have not traditionally included security signatures or profiles, but with increasing attention to cybersecurity, this area is expected to change.
- ICS Network – An Industrial Control System network provides wireless or physical wired transport and connectivity between ICS components. When this connectivity involves the use of the public Internet, the result is often referred to as the Industrial Internet. Private ICS networks should, in theory, be more secure than public ones, but the application specifics will always dictate the risk levels.
- ICS Controller – An Industrial Control System controller includes the logic for managing actuators and sensors based on management input. ICS controllers will soon integrate with software-defined networking (SDN) from service providers, but this will make it harder for legacy and proprietary applications. An advantage of SDN integration is that security analytic processing becomes an important SDN controller adjacency that can help with ICS protection in real time.
- Actuators – Actuators include the electronics, motors, and other components for starting and stopping activity in the controlled system and associated processes. These components are usually controlled by legacy and even non-standard network protocols designed without much consideration for authentication or encryption. The idea of cyber criminals gaining access to actuators connected to some part of a nuclear facility is a frightening thought.
- Sensors – Sensors collect data from the controlled system and associated processes. Telemetry is one of the main areas of industrial control security that will require increased confidentiality controls.
- Controlled System – The controlled system is the specific, target industrial system that is being managed. Such targets can range from consequential Industrial Control System critical infrastructure like nuclear plants, to more whimsical IoT devices such as children’s toys.
The ICS / SCADA / IOT Security information shown above is mostly generic and based on best practice. To get a better understanding of what we can do for your business, all we ask is that you contact us to discuss your cybersecurity needs to protect your ICS, SCADA, and IOT systems and data.