The common notion that industrial assets are immune to cyber-attacks if parts of them are isolated from the Internet (or other vulnerable corporate networks) no longer holds in a hyper-connected enterprise. Although complete air-gapping of an industrial network is possible, there are several reasons why this may not be a reliable security measure for industrial enterprises.
  • Wi-Fi, Ethernet ports, and USB ports present vulnerable attack surfaces
  • No matter how diligent the organization, file transfers between the company and outsiders are likely inevitable, and hackers can infiltrate even the most conscientious organization’s network through any errant thumb drive
  • An increasing number of companies are encouraging bring-your-own-device (BYOD) policies for employees, and the probability of a cyber-attack through compromised personal devices is high

Even if an industrial network is tightly air-gapped, it is still vulnerable to accidental or intentional damage from internal sources. The only way to control this internal attack vector is by continuously monitoring the network and by implementing rigid access control mechanisms.

Cyber-Attacks: Types and Motives

An old saw in cybersecurity circles contends that hackers hack for three reasons: to make a mess, to make money, or to make war. In reality, the situation is slightly more complex. According to a new report from Frost and Sullivan, cyber threats come in the form of people, organizations, and nation states:

  1. Hijacking industrial automation and control systems for economic and political gains
  2. Identifying weaknesses and improving system networks by “white hat” hackers
  3. Black hat hacking such as espionage, extortion, theft, and vandalism
  4. Economic motivations such as theft of intellectual property or other economically valuable assets
  5. Inadvertent actions that are taken without malicious or harmful intent

The IT-OT Convergence Dilemma

Traditionally, IT and OT have been two different silos, each operating in its own environment. However, with companies pursuing increased operational efficiencies and profit margins, the convergence of IT and OT is inevitable. A converged IT-OT scenario will often drive the initiative for implementing industrial cyber protection.

Every organization must carefully assess and identify vulnerabilities through which black hats can potentially infiltrate the system. Cyber-attacks are triggered by several sources such as competition, political rivalry, and hostile employees who want to disrupt the plant operations. The most dangerous trigger, however, is the state-sponsored attack, which can have an environmental impact and is specifically intended to create destruction on a massive scale.

Critical infrastructure such as power grids depends on massive IT networks. Most current cyber defense mechanisms are outdated and have proven vulnerable to sophisticated hacking attempts. The frequency of attacks on critical infrastructure that can potentially cause large-scale destruction has been increasing at an alarming rate.

Even though attacks are spread across the manufacturing industry, data suggests that energy organizations are more prone to these attacks, which have become more sophisticated over the years. At least 75% of companies in the oil and gas and power sectors have experienced one or more successful attacks in the past year. More than 15% of cyber-attacks come from the energy sector. In the past, the energy sector has been targeted in the form of attacks such as Stuxnet, Duqu, Shamoon, and Night Dragon. 
