This chapter covers only some of the vulnerabilities found in only some of the industrial protocols out there. There are many more protocols and many more vulnerabilities and exploitation methods we could discuss, probably filling an entire book by itself. I choose the protocols that did make the chapter based on their prevalence out on the ICS networks in plants and factories. Then, I picked the most obvious vulnerabilities for those protocols. As it turns out, these vulnerabilities are also easy to exploit. This is the state of affairs ICS security is in, unfortunately. Apart from one or two extremely well-funded attacks, most ICS (OT) breaches use attack vectors that were eliminated from IT networks ages ago. A recently discovered malware campaign is a great example of this. The malware that took down the Ukrainian power grid in 2015 was first believed to be a...
Industrial Cybersecurity
By :
Industrial Cybersecurity
By:
Overview of this book
With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges.Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.
Table of Contents (13 chapters)
Preface
Free Chapter
Industrial Control Systems
Insecure by Inheritance
Anatomy of an ICS Attack Scenario
Industrial Control System Risk Assessment
The Purdue Model and a Converged Plantwide Ethernet
The Defense-in-depth Model
Physical ICS Security
ICS Network Security
ICS Computer Security
ICS Application Security
ICS Device Security
The ICS Cybersecurity Program Development Process
How would like to rate this book
Customer Reviews
