Word of the Day: industrial control system (ICS)

Word of the Day Daily updates on the latest technology terms | July 30, 2018 industrial control system (ICS) Industrial control system (ICS) is a general term used to describe the integration of hardware and software with network connectivity in order to support critical infrastructure. ICS technologies include, but are not limited to, supervisory control and data acquisition (SCADA) and distributed control systems (DCS), industrial automation and control systems (IACS), programmable logic controllers (PLCs), programmable automation controllers (PACs), remote terminal units (RTUs), control servers, intelligent electronic devices (IEDs) and sensors. Historically, most machinery and engineering components used in manufacturing and the operation of power plants, water and wastewater plants, transport industries and other critical infrastructures were dumb, and those that were computerized typically used proprietary protocols. The networks they belonged to were air-gapped and protected from the outside world. This has changed over the years and components of today's ICSs are often connected directly or indirectly to the internet. Advances in smart sensor technology and wireless networking have made the blending of operational technology (OT) with information technology (IT) desirable and cost-effective. Despite the benefits of increased speed, better responsiveness to conditions and improved reliability that IT/OT convergence had brought, however, there are drawbacks in terms of security. Targeted attacks against ICSs by terrorists pose a threat to most nations around the world. As remote telemetry units used to input change become more capable of local control and as the Internet of Things (IoT) and Industrial IoT continue to grow, it becomes increasingly important for strategies to protect ICSs from security threats be top of mind. In the United States, the Department of Homeland Security (DHS) has offered these recommends for protecting industrial control systems: Use application whitelisting to protect infrastructure from potentially harmful programming. Implement configuration management and patch management controls to keep control systems secure. Reduce attack surface areas by segmenting networks into logical parts and restricting host-to-host communications paths. Require multi-factor authentication and enforce the principle of least privilege (POLP). Require remote access to be operator controlled and time limited. Monitor traffic within the control network and on ICS perimeters. Analyze access logs and verify all anomalies. Ensure the restore includes golden records so systems can be rolled back to last known good state. Quote of the Day "DHS said Russian hackers first targeted key industrial control vendors in order to steal credentials and access air-gapped and isolated utility networks." - Michael Heller Trending Terms SCADA programmed logic controller IT/OT convergence ICS security distributed control system industrial automation Learning Center DHS details electrical grid attacks by Russian agents DHS claims Russian agents have performed hundreds of electrical grid attacks, including on utilities that were air-gapped and isolated, with the potential for serious damage. An introduction to ICS threats and the current landscape ICS threats have been coming into the spotlight more as attacks happen more frequently. Here's a review of what ICS security threats can really do if successful. Creators of Trisis malware have expanded their ICS attacks The group behind the Trisis malware attacks on industrial control systems has been identified as Xenotime, and it is still active, expanding its efforts to companies across the globe, according to Dragos research. Triton, Industrial control systems, infrastructure attacks, nation-state The Trisis malware used in an ICS cyberattack in Saudi Arabia in December is thought to have been made by a nation-state actor and has been freely available. Dragos' Robert Lee discusses latest ICS threats, hacking back In a Q&A at RSA Conference 2018, Dragos CEO Robert Lee talked about how industrial control systems differ from IT systems and the newest looming ICS threats. Quiz Yourself _______ are common in factory automation, building automation and material handling systems. a. PLC's b. PLCs Answer Stay in Touch For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com Visit the Word of the Day Archives and catch up on what you've missed! FOLLOW US About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.