Why cyber physical damage attacks may increase - Reason 4
Reason 4 : Industrial Control System Networks are Notoriously Difficult to Secure
In the fourth of a series of expert blogs, TMK Cyber Underwriter Paul Gooch explains why cyber Physical Damage attacks could increase in 2020 and beyond.
Industrial control systems (ICS) networks are increasingly vulnerable due to increased online connectivity and the proliferation of targeted malware. While the risk of unauthorised access can never be eliminated completely, it can be mitigated by improving security. However, due to characteristics inherent in ICS environments, this poses significant challenges.
Unlike corporate IT networks, which prioritise confidentiality of data, ICS networks were designed to prioritise availability, i.e. operational uptime. Historically, ICS networks were isolated from outside connections – which provided a high level of inherent confidentiality – and few foresaw a future in which a third party would want to intentionally disrupt operations. As such, the worst-case scenario in the 1970s would have been a random technical failure or a malfunction, rather than a cyber attack. For this reason, ICS communication protocols do not typically utilise encryption or authentication techniques found in IT networks.
Given their age, ICS networks often rely on legacy operating systems such as Windows XP which are no longer supported by the vendor with routine security updates or patches. Even when patches are available, installation is often a more complex process than for corporate networks, with the consequences of a failed patch much graver. Plant managers also have to take availability requirements into consideration – many industrial facilities operate 24/7 so do not have the luxury of overnight or weekend patching windows like their IT network counterparts. Consequently, ICS assets remain vulnerable for much longer.
As such, despite the worsening threat landscape, many companies struggle to adequately protect themselves against ICS attacks due to the very nature of them being insecure by design.
Click here to read
TMK has released an enhanced cyber insurance policy to include coverage for Property Damage and Ensuing Business Interruption resulting from a cyber-attack: Cyber Ctrl PD+. Visit http://www.tokiomarinekiln.com/our-business/enterprise-risk/cyber/ for more information.