Challenges of industrial cybersecurity by Evgeny Goncharov, Kaspersky CERT

[browneylad]

Challenges of industrial cybersecurity


an article by Evgeny Goncharov, Head of @KasperskyICS CERT

In their swift development over the past decade, modern enterprises in energy, petrochemistry, metallurgy, pharmaceuticals, food processing, transport, logistics and other sectors have crossed the invisible line separating the physical world of machines and mechanisms from the virtual world of computer software. They have essentially evolved into cyber-physical systems, where instructions in machine code control physical objects. These cyber-physical systems are built using modern IT technologies. They are connected to each other and to the external cyber-world with wired and wireless communication channels. Although this makes effectively using and further developing such systems much easier, it also makes them vulnerable to computer attacks.
The danger posed by cyber-physical technologies to the industrial process and equipment is increasingly acknowledged by specialists working at industrial enterprises, information security researchers and government agencies of most countries. At the same time, most people who are responsible for or otherwise involved in ensuring the cybersecurity of industrial enterprises admit that implementing security measures is a very long process. As a rule, they cite a variety of reasons and factors that make progress towards protecting industrial facilities from cyberthreats difficult and slow or even downright impossible.
In this paper, we have summarized our knowledge and expertise accumulated over years of practical work (conducting security audits and penetration tests, investigating incidents, detecting and preventing attacks, designing and deploying protection, providing training to cybersecurity specialists and employees at industrial enterprises, participating in the development of recommendations and requirements for industry regulators) and communication with experts representing industrial enterprises, academic institutions and government agencies from different countries.
We have developed a list of factors that, in our opinion, affect, now and in the foreseeable future, the threat landscape and the development, implementation and use of organizational and technical measures designed to protect industrial facilities, as well as the major industrial cybersecurity issues which are not likely to be resolved in the near future.

Read more: https://ics-cert.kaspersky.com/reports/2...rsecurity/