Cyberattacks on industrial control systems (ICS) are on the increase due to the Internet of Things (IoT) revolution. With more and more connected endpoints, the increased volume of sensitive data only serves to increase the viable attack surface.
Unexplained code (presumably malware) has been found in a number of critical national infrastructure (CNI) systems, and some has been lying dormant, undetected, for years. Evidence also suggests sophisticated intelligence gathering and infrastructure reconnaissance efforts, often carried out by nation-state actors, mercenaries and criminal gangs for financial gain.
Such infiltration is no longer restricted to the CNI community, where the safety of the public and the continuity of essential services are paramount: Manufacturing enterprises, smart buildings, automobiles — anyone or anything using industrial control systems is potentially at risk for this kind of cyberattack.
The Reality of Industrial Control Systems
Andy Kling, the director of cybersecurity and software practices at Schneider Electric, recently told Chemical Engineering Online, “As we integrate more digitalization into our lives, we are increasing the attack surface available to hackers.”
IDC predicted that the worldwide installed base of IoT endpoints will reach 25.6 billion by 2019 and approximately 30 billion connections in 2020. These devices will be enabled with digital sensing, computing and communications capabilities, giving passive objects the ability to create and deliver new data streams. As each new digital device adds another potential point of entry for a cyberattack, businesses require more effective and efficient security solutions.
The increase in malicious activity against industrial control systems observed by IBM X-Force pointed to the fact that the risk of a critical incident involving an ICS is now a significant reality. Securing ICS networks and systems is an absolute imperative for CNI organizations, but it should also be a high priority for CISOs in all organizations that use the technology. Rather than fighting the danger as it comes, combating cybercrime must be proactive.
Identifying threats is a growing necessity among corporations — and an ongoing issue. But how do we put out the fire before it’s even started? Fortunately, there is an existing integrated solution to defend ICS against cyberthreats.
IBM Security and Check Point Software have teamed up to deliver an integrated security solution that detects and protects against ICS cyberthreats: ICS Secure. The solution enables detailed monitoring and control of the ICS environment, and it integrates with customers’ security incident and event monitoring (SIEM) tools to provide unprecedented levels of security intelligence.
The intelligence gathered by ICS Secure, which comes from a wide range of SCADA-type protocols, can be integrated with the security intelligence ingested from the traditional IS/IT systems. The resulting capability enables organizations to take the first steps in IT/OT convergence, bringing the ICS environment into the overall security envelope of the enterprise for the first time. ICS Secure augments IBM’s Security Consultancy Services, Product System Services, Penetration Testing Services and Emergency Response Services into an end-to-end cybersecurity solution for the enterprise.
Securing ICS and SCADA networks is fundamental for CNI organizations. Planning for critical incidents and employing the right technology to combat cyberthreats to ICS and IoT environments is not a theory for the future, but today’s reality.