In the recent World Economic Forum 2018, The Global Risk Report has identified the highest risk on a global level. Experts have determined the possible impact on the geopolitical and economic status of cyber-attacks. It is believed that major attacks may occur in the next five years. Its effect was associated similar to natural disasters and environmental catastrophes in 2018. The report raised awareness and sense of urgency to different kinds of organizations and government with regards to Industrial Control Systems(ICS) and critical infrastructure cybersecurity.
Effects of The Attacks
Several attacks were recorded last 2017 and most of the attacks were malware. Many countries were affected by the attacks and millions of dollars were lost. Europe and Asia was the most affected region by the global cyber incidents.
It is highly attributed to both general hesitancy of industrial companies to invest in ICS cybersecurity technologies that make them in place. Being connected to the internet is a high risk for all industrial assets. Assets like Programmable Logic Controllers(PLCs) and Remote Terminal Units(RTUs) could not tailor the malware attacks, vulnerabilities, and other cyber-born threats. They are unequipped to identify, manage, or remediate cyber-attacks.
Previous ICS and industrial systems were considered secured by isolating the devices from the internet. These systems were running proprietary protocols, specialized hardware, embedded operating systems and were connected thru specialized wires. Today, the setup has changed a lot. ICS and industrial systems are linked to an enterprise network. They are running on a common internet protocol and utilizing IT operating systems and often connected to the wireless and cloud technologies. The unification of IT and OT has created several challenges.
- IT and OT are domain-specific. Technologies require specialized knowledge of ICS technology and communications. Enterprise IT security technologies are not ICS-aware or able to input OT data.
- OT deficiencies: PLCs and RTUs are low computational computers built for controlling physical components such as valves, pumps, motors, etc. These devices can not identify cyber threats.
Importance of ICS Cybersecurity
The gap between industrial connectivity and industrial cyber readiness has resulted in serious risk implications for future technological development, global labor markets, and political unrest. Temporary disruptions are manageable in the IT environment, the systems managing critical infrastructure is different and cannot afford to fail. A new approach is required to face the security challenges resulting from the convergence of OT and IT.
Modern artificial intelligence might be one of the best approaches in facing cybersecurity because it is capable of real-time analytics and system monitoring that addresses data loss and system shutdown.
The risk of cyber-attacks in 2018 can be expected to increase; affecting enterprise networks, consumer data, and ICS. However, these risks can be managed with the right investments in ICS cybersecurity technologies that extend the capabilities of existing IT and OT platforms, networks, and security infrastructure.
The World Economic Forum Global Risks report has clearly identified the importance of cybersecurity by highlighting the effects of cyber-attacks. Threats on OT assets and ICS impose the highest risk to geopolitics, economic welfare, and society in general. Companies need to re-evaluate and invest in new cybersecurity solutions that has the capabilities of conventional IT approaches while bringing improved monitoring and threat detection.