Industrial control system breaches rising, says new report

Breaches that result in the theft of millions of pieces of personal data get big headlines, such as those involving retailers, hospitals and government agencies.

But attacks on industrial control systems — sometimes called SCADA systems — are quietly increasing as well, according to a new survey by the SANS Institute. According to the report, one-third of 314 respondents who actively maintain, operate or provide consulting services to facilities maintaining ICS systems said their organization’s control system had been breached. Of those, 17 per cent acknowledged six or more breaches had occurred so far this year, up from nine per cent in all of 2014. Another 11.3 per cent said this year they had suffered between six and 10 breaches, while 3.8 per cent thought they could have been breached up to 50 times.

Of those who acknowledged a breach, 32 per cent couldn’t put a number on how many incidents had occurred.

Forty-nine per cent said they weren’t aware of an ICS breach or infection, while another 12 per cent were certain they hadn’t been breached.

Internet-connected industrial control systems can be found in a wide range of factories, utilities, municipal and defence systems.

“Both the degree of uncertainty and the rising number of known incidents are red flags calling for the dedication of greater resources to monitoring, detecting and analyzing anomalous activity in control system networks,” says the report. “Breaches of security that do not disrupt normal operations may still be detected, if trained and knowledgeable personnel armed with the requisite tools look for such breaches. The success of advanced persistent threats (APTs) depends on their operating at a sufficiently slow pace or below a level of network or system noise so as not to be noticed.

“Rapid detection is key because the longer breaches remain unknown, the greater the potential impact.”

Almost 20 per cent of respondents who’d successfully been attacked said systems were breached for at least 24 hours before the breach was discovered, and 20 per cent reported that they could not determine how long the infiltration had been going on. Another 20 per cent said breaches weren’t detected for more than a week, and 15 per cent reported not knowing about the infiltration for more than a month.

The report also found it worrying that only 20 per cent of respondents stated that qualification of security technologies by their ICS equipment vendors is mandatory, considering what it says is the critical nature of Site Acceptance Testing (SAT) of industrial control system components. Even more concerning, it added, is that 25 per cent of respondents said it is only moderately important or not important. And 10 per cent didn’t know how important it is to validate new security tools before introducing them into control systems. Most respondents (65 per cent) considered vendor qualification of security technologies and solutions to be either highly important or mandatory.


Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com
