Book Image

Industrial Cybersecurity

By : Pascal Ackerman
Book Image

Industrial Cybersecurity

By: Pascal Ackerman

Overview of this book

With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges.Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.
Table of Contents (19 chapters)
Title Page
Credits
About the Author
About the Reviewers
www.PacktPub.com
Customer Feedback
Preface

Common IT protocols found in the ICS


Although not directly industrial control protocols by themselves, the upcoming sections are a list of common IT protocols that can be found on OT networks. The list includes a summarization of their well-known vulnerabilities.

HTTP

Many ICS devices will have built-in diagnostic web pages and some form of web server to allow access to the diagnostic pages. HTTP is known to have the following vulnerabilities:

  • Vulnerable HTTP server application code
  • Hard coded credentials
  • SQL injection
  • Cross-site scripting
  • Broken authentication and session management
  • Insecure direct object references
  • Cross-site request forgery
  • Security misconfiguration
  • Insecure cryptographic storage
  • Failure to restrict URL access

A quick search on ICS-CERT reveals the following vulnerabilities involving web servers:

 File Transfer Protocol

File Transfer Protocol (FTP) is a clear text file transfer protocol that suffers from the following vulnerabilities:

  • Vulnerable FTP server application code
  • Hard coded...