The United States government has revealed that it has detected a rise in cyber criminal attacks on industrial control systems.
The concern is that with leading manufactures and grid power producers' early adoption of the industrial internet of things - and Industry 4.0 which are commercial and industry versions of the internet of things - sufficient safeguards have not been put in place to protect them from the internet.
Previously, these industrial companies had systems that were securely locked down and not connected or accessible to the outside world. The Industrial internet of Things (IIoT) has changed all that though, with companies embracing the internet to leverage remote control and management on a global basis. There is also the new commercial and business model of utilising big data collection and analytics, which requires cloud storage and internet access. However, opening up industrial and commercial systems to the internet has also opened doors to potential attacks.
Not only is the potential scale of attacks far larger from an internet scale perspective, most industrial IT firms do not have the battle hardened skills of dealing with web scale attacks as they are accustomed to dealing with a fortress approach to IT security.
“We see more and more that are gaining access to that control system layer," said Marty Edwards, who runs the Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT.
“I am very dismayed at the accessibility of some of these networks... they are just hanging right off the tubes."
Dave Palmer, Director of Technology at Darktrace also commented: “This marks a dangerous and long predicted shift in the targets of hackers where industrial control systems and basic infrastructure is at risk in addition to the banking and credit card attacks we are used to hearing about.
"If attacks move beyond intellectual property theft and intelligence collection to disrupting or destroying critical infrastructure then, more than ever, organisations within this sector really need to ensure that they have the right strategies and immune systems in place to detect emerging threats and respond to them before a crisis occurs.”