ICS protocols vary between hardware manufacturers such as Honeywell, Siemens, Toshiba, GE, Mitsubishi, etc. Modbus, DNP3, PROFINET/PROFIBUS, OPC, etc. are a few such protocols. Some of the ICS protocols these companies use in their products are proprietary, which makes ICS security a challenging task. For many years, this sector has relied on security through obscurity, counting on attackers' unfamiliarity with the protocols.
Industrial control systems are used in a wide range of industries across the world, such as nuclear power plants, HVAC installations, robotics, doors of prison cells, etc. Since they run critical infrastructure, they can't be taken down for updating, which leaves them vulnerable to threats.
People from a conventional IT security background may find SCADA/ICS security challenging, because the technologies, models, and mindset of the former can't be applied to SCADA or ICS systems, where the focus is sharply on protecting the processes. SCADA is fully dependent on its processes, and the failure of a process costs millions of dollars as the plant goes down. Any disruption of the processes can lead to severe and life-threatening outcomes such as an outage, which is why protecting the process is essential. IT security, by contrast, focuses solely on the protection of data.
SCADA/ICS systems such as the electrical grid, pipelines, etc. are spread over many miles, which makes securing them more challenging, because physical security is quite important in this case. A remote field station that an attacker manages to enter is an easy way into the SCADA system.
Over the past 20 years, SCADA/ICS systems have been using TCP/IP connections to link with the external world. Although communication inside the system is serial, there are connections that let engineers and admins monitor all systems. These connections can be taken offline to protect the systems from hackers. With the advent of tools such as Shodan, securing these systems through obscurity lost its reliability, as such tools enabled hackers to hack these systems with ease. So the sector is gradually starting to implement modest security measures. The challenge here is that off-the-shelf security products are incompatible with the proprietary protocols used by SCADA/ICS systems. So firewalls and IDSs are customized to protect these systems, as cyber terrorism and cyberwar pose a serious threat.
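
As an illustration of the protocol-aware inspection a customized firewall or IDS performs, the following added example (not part of the original article) parses Modbus/TCP requests and flags write commands from hosts outside an allowlist. Modbus is used because its framing is publicly specified; the IP addresses, the allowlist and the sample frames are constructed assumptions.

```python
import struct

# Modbus function codes that change process state (writes), per the public spec.
WRITE_CODES = {5: "Write Single Coil", 6: "Write Single Register",
               15: "Write Multiple Coils", 16: "Write Multiple Registers",
               22: "Mask Write Register", 23: "Read/Write Multiple Registers"}
# Assumption: the only host permitted to issue writes (constructed address).
WRITE_ALLOWLIST = {"10.0.5.10"}


def parse_mbap(frame: bytes):
    """Return (transaction_id, unit_id, function_code) or raise ValueError."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        raise ValueError("protocol id is not 0, so this is not Modbus")
    # The length field counts the unit id plus the PDU that follows it.
    if length != len(frame) - 6:
        raise ValueError("MBAP length field does not match frame size")
    return tid, unit, frame[7]


def inspect_request(src_ip: str, frame: bytes) -> str:
    """Classify one request as 'allow' or 'alert: <reason>'."""
    try:
        _, unit, fc = parse_mbap(frame)
    except ValueError as exc:
        return f"alert: malformed frame from {src_ip} ({exc})"
    if fc in WRITE_CODES and src_ip not in WRITE_ALLOWLIST:
        return f"alert: {WRITE_CODES[fc]} to unit {unit} from {src_ip}"
    return "allow"


# Constructed sample frames: MBAP header, unit id, function code, data.
READ = bytes.fromhex("000100000006" "01" "03" "0000" "000a")   # read 10 registers
WRITE = bytes.fromhex("000200000006" "01" "06" "0001" "00ff")  # write one register
TRUNC = WRITE[:9]                                              # cut short in transit

if __name__ == "__main__":
    for ip, frame in [("10.0.9.77", READ), ("10.0.5.10", WRITE),
                      ("10.0.9.77", WRITE), ("10.0.9.77", TRUNC)]:
        print(ip, frame.hex(), "->", inspect_request(ip, frame))
```

A generic packet filter sees all four frames as ordinary TCP traffic on one port; only a rule that understands the function code can tell a monitoring read from a command that changes the process.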