A recent incident where a likely nation-state threat actor inadvertently shut down a critical infrastructure facility in the Middle East when testing new malware has stoked widespread concerns about the vulnerability of industrial control systems (ICSs) to new cyberthreats. Many security experts see the incident as a harbinger of a new wave of destructive attacks targeting ICS and want critical infrastructure owners to urgently update the security of their operational technology (OT) networks.
An ICS is any device, instrumentation, and associated software and networks used to operate or automate industrial processes. Industrial control systems are commonly used in manufacturing, but they are also vital to critical infrastructure such as energy, communications, and transportation. Many of these systems connect to sensors and other devices over the internet—the industrial Internet of things (IIoT), which increases the potential ICS attack surface.
Read which 8 key questions plant operators, process control engineers, manufacturing IT specialists, and security personnel need to be asking when planning for ICS security, according to several experts, on CSO.