Cyber Security for ICS

Cyber Security is always a hot topic and always be on top of when we design IT or OT network. It doesn’t matter whether we are working in IT environment or OT environment.

OT Security refers to Operational Technology Security. As OT is mainly design for production environment in Manufacturing Plant, so, it is very critical that manufacturing plant should be secure and protect from un-authorised access.

cyber security, hacking, internet-2851245.jpg

What is Industrial Control System (ICS)

ICS refers as Industrial Control Systems and It is used to control and automate industrial processes in manufacturing, energy production, transportation etc. ICS is also known as Operational Technology (OT).

It is a set-of-devices which helps to control, diagnostic, services and manage real-time production to run reliable operation in an automated way.

ICS including of sensors, controllers, and software that work together to monitor and control the production line. Main purpose of ICS is to increase efficiency, accuracy, and safety in industrial operations.

ICS required in every sector from landing Aeroplane to checking water pressures in pipes, but in different ways and process.

ICS Types:

  • Supervisory Control and Data Acquisition (SCADA) Systems
  • Process Control System (PCS)
  • Distributed Control Systems (DCS)
  • Energy Management System (EMS)
  • Automation System (AS)
  • Safety Instrumented System (SIS)
Cyber Security for ICS- ICS Type
Cyber Security for ICS- ICS Type

Supervisory Control and Data Acquisition (SCADA) Systems

SCADA system is used in Oil, Gas, Water and Electricity transmission, distribution, manage & Monitoring.

Process Control System (PCS)

It is also referring as Programmable Logic Control (PLCs) which is user to control, manufacturing plants.

Distributed Control Systems (DCS)

When control and Management of plant or manufacturing units are distributed in control system and not managed centrally.

Why Cybersecurity is important:

Cyber security can prevent to disclose organizational and production critical information to attackers or un-authorised person. Analyzing Security issues is a continuous process.

Cybersecurity Practice Includes:

  • Identifying Critical Information
  • Analysing the Threat
  • Analysing the Vulnerabilities
  • Assessing Risk
  • Applying solution
Ways for Cyber attack

There can be multiple ways, because there are no define process or ways to theft your data or attack on your network.  Some of are:

  • Social Engineering
  • Phishing
  • Insecure LAN or Wi-Fi design,
  • Un-Scanned or un-authorised devices

used like pen-drive, HDD etc.

  • Deep trust
  • Keeping data at your desk attended
Social Engineering

It is a method when attacker manipulate the people to telling the critical information. Attackers are expert to convince the people to share information. Generally, they call multiple people to ask same kind of information and gather related answers and then they identify the target.

Sometime Social Engineering conducted by Phone calls, Mail link, chats etc.

To protect from Social Engineering, we should not share any sensitive information over call, do not click on any mail link or share any information over mail or chat.

Organisations should have proper awareness session and mandatory training to understand social Engineering and its impacts.

Phishing

It’s a type of social Engineering where attacker send mail, text message with embedded link and message. Such phishing mails looks like from legitimate source like Bank, organization, teaching, job sites, offers, loans etc. to reveal sensitive information.

To protect from Social Engineering, we should not share any sensitive information over call, do not click on any mail link or share any information over mail or chat.

Insecure LAN or WI-FI Network

Design a in-secure network can cause Cyber-attack, especially Wireless. Corporate network should be secure by both internal and external firewall with limited or required access.

Un-Scanned or un-authorised devices used like pen-drive, HDD etc

Some we use un-scanned portable devices like pen drive, HDD in our laptops or computer which very risky. Organization should block such device access.

Blind trust

This is something we can control, because some time we trust someone deeply and we share all sensitive details about project, new opportunities, client etc which is also can be a cause of cyber-attack, because we don’t know if he shares such information with their friends or office colleagues.

Leave data at your desk unsecured

Some time we did this mistake to left our Important or sensitive data, paper un-secured or un-attended, which any one can take it or read it and get your information.

How to protect

As per my experience and understanding, securing network or data 100% is not possible. If you post something on internet or social media sites then, if you delete it from your end, but still it cannot be 100% removed, might be someone had downloaded or shared your post or video which is still available on internet.

But we can take some Precautionary action and adopt some best practices to keep our data safe.

  1. Educate your team by training or awareness session about cyberattack.
  2. Do not open any attachment or click any link.
  3. Either delete or report SPAM and immediately inform to IT security team.
  4. Do not keep your laptop unlock. Always lock your system before leaving your desk
  5. Always keep your important document in drawer and keep it locked
  6. Do not let any official or critical document on your desk un-attended or at printer etc.
  7. If is not in use that always trash it or shredder properly.
  8. Do not discuss about your important deal, critical information, username / passwords publically.
  9. Do not share username or password with anyone.
  10. Do not open any document if someone near you or watching your screen.
  11. Some time we need to share our screen during meetings, so make ensure that before sharing the screen always close all important document or tab or always share window not entire screen.
  12. Always keep your anti-virus updated and scan your laptop daily
  13. Aways use strong passwords
  14. If you are designing any LAN or Wireless network, always use encryption, authorization like WEP, WPA/WPA2/WPA3, AAA, ISE etc.
  15. Always scan your portable device like pen-drive or HDD before connecting to your laptop.

Cybersecurity Principles

Cyber Security Principles refers a set of principles and best practice and process which helps organisation to protect their critical information.

Below are some major principles:

  1. Confidentiality
  2. Integrity
  3. Availability
  4. Authentication
  5. Authorization
  6. Accountability
  7. Resilience

Here we will discuss about mainly 3 tenets

 Confidentiality

It is defined by ISO that organization make ensure that confidential information should be accessible by Authorized person only.

Integrity

Organization makes ensure that all information should be correct, updated, consistent and Reliable.

Availability

Data or Information is very much important, as whenever information is required it should be available. So it is  important to take backup and save information to recover during any disaster.

IT vs OT Preferences

The protection of data in both IT and OT always be a primary importance, with the integrity and availability of that data. Sometimes this hierarchy is referred to as C-I-A (Confidentiality-Integrity-Availability).

There are instances in traditional IT domains where the availability and integrity are critical elements (e.g., in real-time financial transactions), but organizations are more concerned for security. control system domain is much more concerned with availability and integrity than confidentiality. This hierarchy is referred to as A-I-C (Availability-Integrity-Confidentiality).

Security Checks

Security checks are used to measure security status and mitigate vulnerabilities, if any.

Below are some Security controls are:

  • Security Policy
  • Access Control
  • Asset Management
  • Business Continuity
  • Communication / Operational
  • Compliance
  • Human Resources
  • Information Systems
  • Physical / Environmental
  • Risk Assessment
  • Security Incident Management
  • Security Governance

Visit to our site : https://www.kbrosistechnologies.com/

Watch more Video  https://www.youtube.com/channel/UCpcd6IshE1caAbf9EdJd3gw 

https://www.youtube.com/channel/UCTbOmLTSlHggEBkt5wFGNRA

FAQ

Q: What is ICS?

A: ICS stands for Industrial Control Systems. It’s control and automate industrial processes such as manufacturing, energy production, and water treatment.

Q: Why ICS Cyber security are important?

A: ICS Cyber security is important because it mainly working or operation in live environment in manufacturing plants which can have serious consequences, including equipment damage, safety hazards, and even loss of life.

Q: What are some common threats to ICS?

A: Common threats to ICS include social engineering, malware, hacking, phishing, and insider threats. Source of these threats can be anything.

Q: How can I protect my organization’s ICS?

A: Some steps you can take to protect your organization’s ICS include: implementing strong access controls, keeping software up to date, monitoring network traffic for anomalies, conducting regular security audits, and providing employee training on Cyber security best practices.

Please Share

Related Posts