At S2 Grupo we are experts in industrial cybersecurity. We have a pioneering team of industrial engineers, computer and telecommunications engineers who add a twofold value to consulting/audit projects of industrial control systems and critical infrastructure protection:
- Business Vision: professionals in processes and industrial control systems contribute their knowledge of the productive sectors, controlled processes and constraints that the context dictates to specific solutions.
- CybersecurityVision: IT security experts have the experience and the technical tools so as to control that the systems designed by industrial engineers open Internet safely.
Risks of industrial control systems
The big problem of the industrial sector on cybersecurity, is that facilities and equipment are designed without taking into account security criteria. These should be incorporated later, which limits its effectiveness. Currently, these systems are found in multiple contexts such as industrial environment, critical infrastructure, processing centers, data centers, telecommunications, smart cities and intelligent buildings, among many other examples, so it is essential to detect any risk to install the necessary controls and perform remote management of cybersecurity that safeguards them.
The lack of security in the early stages of system design means opening the door to possible risks that could endanger the installation. Some causes that motivate it are:
- Lack of awareness of the weakness of protection systems of current equipment.
- Ignorance of easy access to industrial control systems connected to the network (e.g. remote control systems, SCADA servers based on operating systems that are not updated for fear they may not work later, connections via radio, etc).
- Over-reliance on physical security measures and access control (e.g. possibility of cloning RFID cards or causing damage to a physical element of a system remotely)
- Lack of awareness of the convergence of technologies. Currently, the management and the risks of an industrial equipment is almost the same as managing any other networked computer. There is no technological barrier to ICT experts.
- Lack of awareness of new risks and the motivations of potential attackers.
What is in for my company?
The job S2 Grupo does in industrial cybersecurity will give your company:
- Knowledge of the actual state of cybersecurity in the installation.
- The possibility to check the effectiveness of the controls implemented in the organization.
- Business continuity management: possible disaster scenarios in the organization will be determined. This will allow you to find the best solutions and respond quickly and effectively to any security incident, ensuring business continuity.
- Selection of controls or safeguards appropriate to the size of your organization, activity and resources.
- The capability to detect residual risks assumed by yuor organization at all times.
- Remote management of cybersecurity.
- Specialized awareness for employees of industrial specialties (production, maintenance, engineering, etc.)
Cyberthreats : Cyber security hazards in industrial control
Industrial control systems can be affected by different kinds of cyberthreats such as sabotage, information theft, fraud, blackmail, financial damage to the company or even affect corporate reputation.
- Assembly line halt
- Production losses and WIP loss
- Increased downtime and quality impairment
- Failure to comply with specifications, deadlines and commitments to customers
- Breach of regulatory obligations
- Equipment destruction
- Deleting or changing the programming of PLC
- Modification of process tasks
2. Information theft
Unauthorized access to relevant information about the product and company business such as:
- site plans
- process diagrams (P &D)
- PLC programming and monitoring software
- descriptive documentation of design parts and products, the materials used or their composition and production · process
- information on orders, production orders, customers and / or suppliers
Financial damage to the company through alteration of remote readings resulting in a consumption below the actual, for example.
Threat of disruption of the production process.
5. Financial damage to the company
- Data manipulation
- Breach of statutory duty to preclude or delay the receipt or registration of certain relevant information
- Handling information about the status of the system received by the decision-making operator
6. Damage to the corporate reputation of the company
As a result of being a victim of any of the dangers described and perceiving the vulnerability of the company.
iSOC (Industrial Security Operation Center)
S2 Grupo provides industrial cybersecurity services from iSOC (Industrial CyberSecurity Operations Center), a service center with a management model certified with international standards and has an operational intelligence platform specialized in industrial installations.
One of the main functions of iSOC is determining the level of exposure of the control systems to determine the needs of specific protection in each case and act quickly when required.
iSOC guarantees the security of industrial control systems, often connected to ICT networks through remote monitoring to ensure continuity of operation.
- Service center 24×7
- Cybersecurity Incident Management
- Advanced Intrusion Detection
- Remote security monitoring of industrial facilities in real time
iSOC relies on R&D+i through iSOC -Lab, which allows it to be at the forefront of active protection systems in real-time for the industrial infrastructure of its customers.
The iSOC-Lab team has designed and built an industrial model that works like a test environment in order to optimize the development of these activities. Among other operations, the following are also are carried out:
- Case studies in the training courses.
- Testing of new technologies.
- Testing different attack scenarios (e.g. improper system operation, unexpected consequences despite the good functioning of the system, attacks intended to distort information received by the operator of the infrastructure or destruction of hardware).
- Design of defense strategies.
Do you want to see it live? Contact us at email@example.com
Cybersecurity attacks: real examples
- Did you know that there is an Internet search engine of industrial control systems?
The SHODAN (http://www.shodanhq.com/) search allows searching for devices of all kinds – including Scada systems using patterns and text strings. Thus, all those industrial control systems not securely connected to the network could be detected by potential attackers.
- Aurora vulnerability, Idaho National Laboratory (2007)
It is an experience carried out in the INL (Idaho National Laboratory) in 2007. This vulnerability is to cause damage in a power generator installed on a system with all the usual protections exploiting the possibilities of remote controlling it. The result? A possibly unexpected success that led to the complete destruction of a diesel generator worth $ 400,000.
Industrial cybersecurity Posts
If you want to know more about industrial cybersecurity, the team of industrial, computer and telecommunications engineers of S2 Grupo visit the following posts, by scrolling down to English: