What are the common forms of threat in the field of industrial control?

In the field of industrial control, a threat can be a situation, capability, behavior, or event. The consequences of a threat are not limited to damage to information security assets; they can also include harm such as production accidents. Therefore, following the risk classification in the “Information Security Risk Assessment” and taking the characteristics of industrial control systems into account, security threats to an industrial control system may take the following forms:

(1) Malicious behavior by disgruntled current employees. These people understand the production process and have access to a variety of equipment, but have mediocre computer skills. Their malicious operations may be driven by emotion, and they hope to disguise the sabotage after the fact.

(2) Hackers with no particular objective. These people have strong computer skills, but find it difficult to access equipment directly and know little about the plant. Many of them may damage the industrial control system only out of curiosity or by accident, and they have no need to disguise what they did.

(3) Malicious behavior by disgruntled former employees. These people understand the production process and may no longer have access to equipment, but may exploit system loopholes to retain network access or direct access to equipment after leaving. They hope to disguise the sabotage. Example: the Australian water treatment plant incident in 2000.

(4) Malicious behavior by economically motivated criminals with clear goals, who hope to hijack the control system in exchange for economic gain. Example: in 2008, hackers broke into South American power systems to blackmail the government.

(5) Malicious acts by terrorists with clear goals, who hope to cause significant social impact by hijacking the control system. Example: the 2019 power outage in Venezuela.

(6) Malicious acts by hostile forces or hostile countries, which have clear goals and abundant resources and can carry out a wide variety of attacks. Examples: the Ukraine power outage, the Stuxnet incident in Iran, etc.

(7) Misoperation by employees, which may lead to errors in equipment wiring, power switching and functional operation. Such incidents are mostly classified as production safety accidents.

(8) Hardware defects: the hardware’s own information security capabilities are weak, or a backdoor has been pre-implanted by hostile forces. Examples: Siemens and Schneider PLC vulnerabilities.

(9) Software development defects: problems caused by insufficiently rigorous software development, whether due to developers’ programming ability, their understanding of the required functions, or other reasons. Examples: common operating system vulnerabilities, application software vulnerabilities and so on, and a well-known ransomware incident.

(10) Natural disasters: information systems are subjected to lightning strikes, electric shocks, vibration, etc., resulting in wiring changes. Such disasters are highly random, have no clear target, and have unpredictable consequences.


Author: Yoyokuo