Vulnerabilities in Industrial Control Systems (ICS)

Instructor: Archna Khubchandani

Archna has a professional postgraduate diploma in system management for programming, system analysis, and design.

This lesson explores five common vulnerabilities in an Industrial Control System (ICS): buffer overflows, unauthenticated protocols, weak user authentication, untimely adoption of software, and poor password policies.

Vulnerabilities in Industrial Control System (ICS)

News about cyber-attacks is becoming increasingly common in today's connected world, and the majority of ICS today connect to the Internet. An ICS consists of multiple devices, computers, controllers, communication paths, and software integrated to communicate with each other and operate industrial processes. This makes ICS vulnerable to electronic intrusion and malware from both inside and outside the control system network. Unless these weaknesses are taken care of, an attacker knowledgeable in software, process equipment, and networks can use electronic means to gain access to the ICS. Wireless access points also present vulnerabilities. Let's look at some of the important vulnerabilities shown in Figure 1, which are common to almost all ICS components.

Figure 1: Vulnerabilities in ICS

Buffer Overflows

Buffer overflows are programming errors introduced by software developers, where the program writes past the boundary of a buffer and overwrites adjacent memory. Such programs can corrupt data, permit execution of malicious code within the system, or crash the system. Proper testing and validation of the program, especially with boundary values, are essential to catch such errors.

Poor input validation can also lead to other forms of cyber-attack, such as:

  • SQL injection, where malicious input is embedded in data sent to the application and passed on to the backend database, causing abnormal query results.
  • Cross-site scripting, where client-side scripts are injected into web pages by attackers, bypassing the access controls set by the system.

To overcome buffer overflows, software must be tested comprehensively before it is used in live systems.
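
The overflow described above, as an added example that is not part of the lesson: a hypothetical ICS point record holds a tag name in a fixed 16-byte buffer. The unsafe copy overruns that buffer on long input; the hardened copy checks the length against the boundary first, and main() runs the boundary-value test the lesson recommends.

```c
#define _POSIX_C_SOURCE 200809L   /* for strnlen() */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical ICS point record: a fixed-size buffer for a tag name that
 * arrives over the network (constructed example, not from the lesson). */
#define TAG_MAX 16

/* Vulnerable form: strcpy() has no idea how big dst is, so a name of
 * TAG_MAX or more characters runs past the end of the buffer and
 * overwrites whatever the program keeps next to it, which is exactly the
 * overflow the lesson describes. Kept here for comparison only. */
void copy_tag_unsafe(char dst[TAG_MAX], const char *name)
{
    strcpy(dst, name);
}

/* Hardened form: measure the input against the buffer boundary first and
 * refuse anything that does not fit, instead of overrunning or silently
 * truncating a tag into a different (possibly valid) point name. */
bool copy_tag_safe(char dst[TAG_MAX], const char *name)
{
    size_t len = strnlen(name, TAG_MAX);  /* never scans past TAG_MAX bytes */
    if (len >= TAG_MAX) {                 /* no room left for the terminator */
        dst[0] = '\0';
        return false;
    }
    memcpy(dst, name, len + 1);           /* copies the NUL terminator too */
    return true;
}

/* Convenience wrapper: does the hardened copy accept this name? */
bool tag_accepted(const char *name)
{
    char tag[TAG_MAX];
    return copy_tag_safe(tag, name);
}

int main(void)
{
    /* Boundary-value test the lesson calls for: the longest legal name
     * (TAG_MAX-1 = 15 characters) passes, one character more is rejected. */
    printf("15 chars: %s\n", tag_accepted("PUMP_01_SPEED_A") ? "accepted" : "rejected");
    printf("16 chars: %s\n", tag_accepted("PUMP_01_SPEED_AB") ? "accepted" : "rejected");
    return 0;
}
```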

Unauthenticated Protocols

Protocols use authentication data to validate connectivity between devices on a network, and this is a very important protection layer in a communication network. Skipping authentication in a protocol can allow any computer or device connected to the network to send commands that manipulate or alter the operations controlled by the ICS. This could cause erroneous operations and damage to goods, plant equipment, and humans.

The following measures can be taken by organizations to decrease the risk posed by unauthenticated protocols:

  • Identify all unauthenticated protocols in use and implement authentication options wherever feasible
  • Request authentication features from device manufacturers
  • Map the remote access points and implement adequate security resources and practices
  • Configure firewalls and restrictive access control lists

Weak User Authentication

Authentication is the means by which a user identifies themselves to the system. Authentication details sent in clear text, hard-coded passwords, and easily cracked passwords are all prone to cyber-attacks. Unless password policies are regularly changed, knowledge-based authentication can be incredibly weak. On the other hand, identity-based authentication such as biometrics, where fingerprints or iris scans are used for authentication, is much harder to imitate or bypass.

Untimely Adoption of Software

Software not tested thoroughly for all input conditions and error conditions can leave holes in an ICS and invite malicious hackers. This holds true for patch implementations too. A patch or fix is a set of software updates designed to resolve functionality issues, fix bugs, fix security vulnerabilities, and add new features.

Any update to the system, whether in software or hardware, must follow a proper checklist before being put into use, in order to ensure that the technology functions at the required level.

Poor Password Policies or Management

What do you think are the main reasons for cyber-attacks such as fraudulent online transactions or ATM transactions? We all underestimate the power of decent password management. We go with the convenience of keeping one known, simple password everywhere. Certainly, it is worth the few seconds to think up a more stringent password and to change that password at frequent intervals. The following are some guidelines you can follow while creating a good password:

  • It should contain a minimum of six characters and include at least one each of an uppercase letter, a lowercase letter, a special character, and a number.
  • It should not contain any of your personal information.
  • It should not contain any word spelled completely.
  • It must be different from your previously used passwords.
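
The four guidelines above, turned into a working check as an added example (not part of the lesson): each rule is applied in order and the first one broken is reported. The personal details, the tiny word list and the earlier password are constructed sample data for a hypothetical operator account.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
/* Constructed sample data for a hypothetical operator account: personal
 * details, a tiny dictionary, and the account's earlier password. */
static const char *const PERSONAL[] = { "Archna", "1985", NULL };
static const char *const WORDS[]    = { "pump", "password", "valve", NULL };
static const char *const PREVIOUS[] = { "Kx9#tR2q", NULL };
/* Case-insensitive substring test (strcasestr is not standard C). */
static bool contains_ci(const char *hay, const char *needle) {
    size_t n = strlen(needle);
    for (; *hay; hay++) {
        size_t i = 0;
        while (i < n && hay[i] &&
               tolower((unsigned char)hay[i]) == tolower((unsigned char)needle[i]))
            i++;
        if (i == n) return true;
    }
    return false;
}

/* Applies the lesson's rules in order; returns NULL when pw passes,
 * otherwise a string naming the first rule it breaks. */
const char *check_password(const char *pw, const char *const *personal,
                           const char *const *words, const char *const *previous) {
    bool up = false, lo = false, dig = false, sp = false;
    for (const char *p = pw; *p; p++) {
        unsigned char c = (unsigned char)*p;
        if (isupper(c)) up = true;
        else if (islower(c)) lo = true;
        else if (isdigit(c)) dig = true;
        else sp = true;                        /* anything else is "special" */
    }
    if (strlen(pw) < 6) return "shorter than six characters";
    if (!(up && lo && dig && sp)) return "needs upper, lower, digit and special";
    for (; *personal; personal++) if (contains_ci(pw, *personal)) return "contains personal information";
    for (; *words; words++) if (contains_ci(pw, *words)) return "contains a complete dictionary word";
    for (; *previous; previous++) if (strcmp(pw, *previous) == 0) return "reuses a previous password";
    return NULL;
}

int main(void) {
    const char *tests[] = { "Kx9#tR2q", "Pump!2024", "archna#9Q", "qm4$wz7", "Qm4$wz" };
    for (size_t i = 0; i < 5; i++) {
        const char *why = check_password(tests[i], PERSONAL, WORDS, PREVIOUS);
        printf("%-10s -> %s\n", tests[i], why ? why : "acceptable");
    }
    return 0;
}
```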

Organizations must choose identity-based authentication such as biometrics.
