Just like any fast-growing innovative sector, the ICS cybersecurity sector largely remains a mystery to many players who are involved in it such as company leaders. Where there is mystery there are myths. In the era of all things being connected and the professionalization of cybercrime, the challenge is a daunting one for many companies. That is why Sentryo has uncovered some myths which dangerously expose those who take them as truths to cybersecurity risks. This is obviously not an exhaustive list considering the countless ideas we received on the subject!
I’m protected because my industrial networks are isolated
False. More often than not, industrial information systems are connected to control networks or even directly to the internet. On average, we count no fewer than 11 internet connections per site although the managers are convinced that their systems are completely disconnected from the network. Moreover, service consoles as well as USB flash drives are major vectors for the spread of viruses even on isolated systems.
My firewall and my security system protect me from external cyber threats
Although they offer a good initial level of protection, they are far from from being 100% effective and even are becoming less impenetrable. According to a study carried out on 37 firewalls in companies from a wide range of sectors such as finance, energy, telecommunications, media and automotive, around 80% of these sectors authorize all services automatically and allow non-secure access to firewalls and the demilitarized zone of the network. What’s worse, 70% authorize devices outside the network perimeter to access the firewall as an administrator.
Physical barriers are initial shields that are non-negligible but they are highly permeable if further internal protection is not set up in vulnerable installations, systems and equipment subject to becoming targets.
My industrial installation is not a potential target
This cannot be any more false. Not only do all small companies possess sensitive data and can become the target of a ransomware, but 80% of security incidents on control systems are unintentionally targeted by cyberattackers as part of a widespread campaign. Worms often spread independently of all targeting strategies.
I am protected because I use proprietary protocols
False! Persistent hackers can very well understand proprietary protocols. These are often intrinsically even more vulnerable because they have not been subject to much public criticism and analysis unlike standard protocols which have been reviewed by work groups and even the public.
I am protected with dependability measures such as diversity redundancy
Technological diversity does in fact provide a boost in cybersecurity as it is the point where they both go in the same direction. However, the price of this is very steep if the only benefit is cybersecurity: return on investment is often not possible.
ISS (Information Systems Security) will complicate my daily work
To the slightest extent, yes, ISS sometimes forces you to implement measures for bypassing normal operating modes (downgraded operating modes). This, however, does not block useful operations. It only acts to prevent dangerous operations by identifying them in advance. Letting malware penetrate your system, now that will complicate your daily work!