In late 2017, the ICS cybersecurity specialist Dragos reportedly announced that a safety controller (SIS) in a process facility in the Middle East had been targeted by a new malware attack and successfully hacked. The SIS was compromised, leading to a shutdown of the facility. The professional execution of the attack shows that facility operators need to take the subject of cybersecurity very seriously, according to HIMA, a global independent supplier of safety solutions for the process industry, which offers to provide consulting on the subject of cybersecurity in safety-critical systems.
The cyberattack referenced represents a new dimension of cyber threats to critical infrastructure, says HIMA. According to current knowledge, it was specifically planned and designed to target the SIS of a particular manufacturer. This sort of attack on a SIS, reportedly the first ever seen worldwide, is very sophisticated and only possible with significant effort.
“Work processes and organizational deficiencies are by far the most common areas of vulnerability for successful cyberattacks. System interfaces that remain open during operation and can be used to program the systems concerned, for example, give attackers a potential point of access,” says Dr. Alexander Horch, vice president, research, development and product management at HIMA. “We urgently advise facility operators to not rely solely on cyber-safe components, but instead to establish a comprehensive security concept for their own facilities.”
To achieve maximum safety and security, it is especially important for facility operators to implement the requirements of the standards for functional safety and automation security (IEC 61511 and IEC 62443) for physical separation between process control systems and safety and security systems, according to HIMA. In addition to providing automation solutions conforming to relevant national and international standards, HIMA supports plant engineers and operators in developing security concepts for the entire life cycle.
“For facility operators it is important to constantly keep an eye on potential forms of manipulation. In this regard, safety-critical applications are fundamentally different from other industrial PLC or office applications,” says Heiko Schween, a security expert at HIMA. “Considerable expertise is necessary to ensure cybersecurity in safety applications. Maintaining and constantly refining security often poses a challenge to facility operators. It is therefore advisable to draw on the services of experienced safety and security experts in order to jointly develop and implement effective concepts.”
For more information, visit: www.hima.com