
ICS Environments: Insecure by Design

Industrial Control System Design Flaws Have a Profound Impact on Security Posture of Operational Networks

It is widely understood that most Industrial Control System (ICS) environments were not built with cyber security in mind: they were designed before networked attackers were a consideration. For decades these networks were protected by an air gap, disconnected from the outside world. With the introduction of commercial off-the-shelf (COTS) technology in the 1990s (which replaced proprietary, purpose-built industrial hardware and software) and the increasing connectivity to corporate networks and the Internet, these systems have become far more exposed to cyber threats and to the risk of compromise.

The impact of vulnerabilities and design flaws

Like IT networks, ICS environments are susceptible to software and hardware vulnerabilities, and in recent years the number of ICS vulnerabilities reported has increased significantly. Even though individual vulnerabilities can pose exceptional risk to industrial control systems (such as the one discovered in Schneider Electric Unity Pro software), an attacker can still compromise an ICS network and disrupt operations without exploiting any of them. The focus on the large number of ICS vulnerabilities routinely reported obscures a more important point: even when an industrial organization has mitigated every known vulnerability, design flaws remain that attackers can easily exploit to compromise an ICS.

ICS networks are easy targets because the controllers and industrial protocols they rely on lack basic security controls: commands to a controller are not authenticated, and communication is not encrypted. In IT security terms this is a major design flaw that undermines the overall security of the ICS environment. It means that anyone with network access can change controller logic and configuration, which can severely affect operations and have a catastrophic impact on plant safety and reliability.

Visibility and control in ICS networks

ICS networks also suffer from a lack of visibility, which prevents engineering and security staff from identifying a malicious actor compromising critical assets, or a contractor making an unauthorized change to the configuration of a controller. Not knowing with certainty what is happening in these networks severely limits the staff's ability to detect and respond to incidents, whether caused by cyber threats or by human error.

Because of this lack of security controls, anyone with access to ICS networks can, maliciously or unintentionally, make control-plane engineering changes to the controllers that manage industrial processes. Control-plane changes to the controllers, such as code updates and configuration changes, are very difficult to identify after the fact. It can take days or weeks to discover them and, most importantly, it is difficult to respond to an incident and revert the system to its original state. These factors significantly increase the potential for operational disruption and make threat mitigation a complex, resource-intensive and time-consuming process.

When an organization can track all activity in its ICS network in real time, it can quickly identify incidents, pinpoint their cause, and respond to malicious or erroneous activity.
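The two monitoring ideas above (flagging control-plane changes that do not match an expected engineering source or maintenance window, and detecting drift in controller logic against a known-good baseline) can be illustrated with a small script. This is an added example, not code from the article or from any ICS vendor; the event line format, the policy values, the controller names and the SHA-256 "snapshot" of controller logic are all constructed assumptions standing in for what a real monitoring sensor would extract from network traffic or from the controllers themselves.

```python
"""Constructed example: triage control-plane events on an ICS network against
an allow-list policy, and detect controller logic/config drift from a baseline.
All data formats, hosts and controller names here are assumptions."""
from dataclasses import dataclass
from datetime import datetime, time
import hashlib

# Operations that alter controller logic or configuration (control-plane),
# as opposed to routine process-value reads/writes (data-plane).
CONTROL_PLANE_OPS = {"program_download", "config_write",
                     "firmware_update", "mode_change"}


@dataclass(frozen=True)
class Event:
    ts: datetime
    src_ip: str
    controller: str
    op: str


# Assumed site policy: engineering stations allowed to change controllers,
# and the maintenance window in which such changes are expected.
POLICY = {
    "allowed_engineering_hosts": {"10.10.5.20", "10.10.5.21"},
    "maintenance_window": (time(1, 0), time(4, 0)),
}


def in_window(ts, window):
    start, end = window
    return start <= ts.time() <= end


def classify(ev, policy=POLICY):
    """Return 'data-plane', 'authorized', or 'ALERT:<reasons>' for an event."""
    if ev.op not in CONTROL_PLANE_OPS:
        return "data-plane"
    reasons = []
    if ev.src_ip not in policy["allowed_engineering_hosts"]:
        reasons.append("unknown-source")
    if not in_window(ev.ts, policy["maintenance_window"]):
        reasons.append("outside-window")
    return "authorized" if not reasons else "ALERT:" + ",".join(reasons)


def parse_line(line):
    # Constructed line format: "<iso timestamp> <src_ip> <controller> <op>"
    ts, src, ctl, op = line.split()
    return Event(datetime.fromisoformat(ts), src, ctl, op)


def triage(lines):
    return [(ev.ts.isoformat(), ev.src_ip, ev.controller, ev.op, classify(ev))
            for ev in map(parse_line, lines)]


def snapshot_hash(logic_bytes):
    """Hash of a controller's logic/config as retrieved by a sensor (assumed)."""
    return hashlib.sha256(logic_bytes).hexdigest()


def drift(baseline, current):
    """Controllers whose current hash differs from, or is missing in, the baseline."""
    return sorted(name for name, h in current.items() if baseline.get(name) != h)


# Constructed sample events: one authorized maintenance change, one change from
# an unknown host during production hours, one from an allowed host but outside
# the window, and one ordinary data-plane write.
SAMPLE_LOG = [
    "2024-03-01T02:15:00 10.10.5.20 PLC-07 program_download",
    "2024-03-01T14:22:07 10.10.9.44 PLC-07 config_write",
    "2024-03-01T14:25:00 10.10.5.21 PLC-03 firmware_update",
    "2024-03-01T14:26:10 10.10.5.21 PLC-03 register_write",
]

# Constructed baseline vs. current snapshots; PLC-07's logic has changed.
BASELINE_HASHES = {"PLC-03": snapshot_hash(b"ladder-v1"),
                   "PLC-07": snapshot_hash(b"ladder-v1")}
CURRENT_HASHES = {"PLC-03": snapshot_hash(b"ladder-v1"),
                  "PLC-07": snapshot_hash(b"ladder-v2")}

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(*row)
    print("logic drift on:", drift(BASELINE_HASHES, CURRENT_HASHES))
```

The second sample line is the case the article warns about: a config write to PLC-07 from a host that is not an engineering station, in the middle of the day. Without a sensor recording these events the change would only surface when the process misbehaved; with the snapshot comparison the operator also gets a concrete list of controllers whose logic no longer matches the known-good baseline, which is the starting point for reverting the change.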

As long as security controls are not in place to prevent unauthorized or malicious changes, the design flaws of ICS will continue to weaken their security posture and leave them at high risk of compromise. No amount of vulnerability remediation can prevent access to the controllers on ICS networks or mitigate the risk of compromise that stems from the absence of these controls.
