As recently reported by The Register, a proof-of-concept PLC worm could spell disaster for critical infrastructure by making attacks far more difficult to detect and stop.
Unfortunately, the PLC worm proof of concept is a viable scenario which could cause immeasurable damage both to the power industry and to the lives of many people. At Waterfall Security, we've been warning the industry about similar attacks for many years now. This media attention is a good sign of the growing awareness of the vulnerable state of critical infrastructure protection.
In any case, this is just an example of a possible attack. The thing to remember is that as soon as you find a solution to mitigate one attack, there will be a new malware, worm or a new class of attack able to hack into industrial control systems. On an optimistic note, finally, cyber risks for critical infrastructure are starting to receive the serious attention that they deserve.
When planning a security posture for a control system, the best solution is to deploy 'blanket' technologies and methods, which address many threats and many classes of attacks. This is also much more cost effective. It is especially true for protection against remote control attacks, and for limiting how far malware can spread within the system.
Preventing a remote, externally controlled attack from penetrating a network is the most important task, as this class of attacks represents the biggest threat to control networks.
For malware spreading internally, after it has already infiltrated an industrial control system by whatever route, a strong internal segmentation approach should be followed to reduce the speed and breadth of infection.
In both scenarios, a combination of tools may be deployed: unidirectional gateways at the ICS perimeter, which physically isolate the industrial network from the corporate network; application control, which limits application execution to an approved list; and firewalls, which provide good internal segmentation. Each site, with its multiple access points and vulnerabilities, should be evaluated individually to assess its required level of security.
Most importantly, we have to stop approaching OT security, and its impact on safety and operational reliability, with the traditional IT mindset. The consequences of breaches in OT security are more harrowing and demand better protection than IT solutions can provide.