Book Image

Industrial Cybersecurity

By : Pascal Ackerman
Book Image

Industrial Cybersecurity

By: Pascal Ackerman

Overview of this book

With industries expanding, cyber attacks have increased significantly. Understanding your control system’s vulnerabilities and learning techniques to defend critical infrastructure systems from cyber threats is increasingly important. With the help of real-world use cases, this book will teach you the methodologies and security measures necessary to protect critical infrastructure systems and will get you up to speed with identifying unique challenges.Industrial cybersecurity begins by introducing Industrial Control System (ICS) technology, including ICS architectures, communication media, and protocols. This is followed by a presentation on ICS (in) security. After presenting an ICS-related attack scenario, securing of the ICS is discussed, including topics such as network segmentation, defense-in-depth strategies, and protective solutions. Along with practical examples for protecting industrial control systems, this book details security assessments, risk management, and security program development. It also covers essential cybersecurity aspects, such as threat detection and access management. Topics related to endpoint hardening such as monitoring, updating, and anti-malware implementations are also discussed.
Table of Contents (19 chapters)
Title Page
About the Author
About the Reviewers
Customer Feedback


As we saw in this chapter, a total system compromise can be a single vulnerability away. Playing out a scenario as presented here, where a single hole in the security leads to a targeted manipulations of temperatures, used in the PID loop that controls the steam supply of a digester with the purpose to cause a meltdown is a very hard thing to pull off. I takes skill, preparation, a deep understanding of ICS technologies in general and familiarity with the targeted ICS. More common consequences of Mark having a computer with a Java vulnerability going to a compromised website are drive-by downloads of malware like ransomware that will encrypt the victim's computer or  every computer on the victim's network. Also a devastating event with a high potential for production downtime and revenue loss that an ICS should be protected against.

In the next chapter we are going to discuss how hacker techniques like these are used for good as well, within risk assessments.