Less than 5% of critical industrial infrastructure is monitored for threats

Industrial Control Systems (ICSs), including Supervisory Control and Data Acquisition (SCADA) systems and Programmable Logic Controllers (PLCs) are the basis of critical industries. Still, many are not designed for an increasingly connected industrial environment and usually lack rudimentary security features. Only less than 5% of critical industrial infrastructure is monitored for threats, which means advanced malware such as the ICS-specific Pipedream malware can wreak havoc on industrial organizations. Newer malware like Pipedream can infiltrate ICSs across industrial sectors, making them more versatile than previous industrial malware that was dedicated to specific industrial segments. Hackers can run amok in ICSs for months or even years before being identified. By that time, considerable damage can be done, even if the system appears to function.

ABI Research, a global technology intelligence firm, forecasts that by 2030, connected machines and production systems within factories will exceed 1.2 billion connections. Industrial 4.0 and industrial Internet technology investments are expected to grow from US$41 billion in 2022 to nearly US$200 billion by 2030. This burgeoning environment expands the attack vector and will contribute to various security solutions given the assortment of networks, endpoints, and connection protocol heterogeneity.

To mitigate attacks against industrial organizations, it is necessary to adopt three major ICS hardening solutions in parallel. These solutions are endpoint and network security and securing ICS protocols. These are areas where hardening takes place.

“An attack on network infrastructure targets the connection between ICS devices and the SCADA system or attempts to intercept data in movement. This could include eavesdropping on network traffic, disrupting network communications, or exploiting vulnerabilities in network devices, such as switches or routers. An ICS cyberattack could also target the data stored within ICSs. An attack on endpoints targets applications, systems, or devices connected to an industrial control network,” explains Michael Amiri, Senior Industrial Cybersecurity Analyst at ABI Research.

Most ICS-connected components, such as PLCs, are connected via physical fixed lines, such as Ethernet technology using cables. “Most other connected industrial applications from industrial pumps, intelligent industrial electric motors, and robots to HMIs are also connected with fixed lines. This means protocol cybersecurity and firewalls, authentication technologies, and unidirectional gateways will see strong demand for the foreseeable future,” Amiri says.

Amiri notes that other modes of connectivity in industrial settings, including 5G and LPWA-LTE, are rapidly growing and will be prominent modes of industrial connection by 2030, meaning that vendors that provide 5G network security will see a ripe market for growth. “The market for fixed-line security will be the largest, but 5G connectivity security is the most promising, especially for new entrants,” he says.

CT Bureau