Vulnerabilities and Attacks Against Industrial Control Systems and Critical Infrastructures

Critical infrastructures (CI) and industrial organizations aggressively move towards integrating elements of modern Information Technology (IT) into their monolithic Operational Technology (OT) architectures. Yet, as OT systems progressively become more and more interconnected, they silently have turned into alluring targets for diverse groups of adversaries. Meanwhile, the inherent complexity of these systems, along with their advanced-in-age nature, prevents defenders from fully applying contemporary security controls in a timely manner. Forsooth, the combination of these hindering factors has led to some of the most severe cybersecurity incidents of the past years. This work contributes a full-fledged and up-to-date survey of the most prominent threats against Industrial Control Systems (ICS) along with the communication protocols and devices adopted in these environments. Our study highlights that threats against CI follow an upward spiral due to the mushrooming of commodity tools and techniques that can facilitate either the early or late stages of attacks. Furthermore, our survey exposes that existing vulnerabilities in the design and implementation of several of the OT-specific network protocols may easily grant adversaries the ability to decisively impact physical processes. We provide a categorization of such threats and the corresponding vulnerabilities based on various criteria. As far as we are aware, this is the first time an exhaustive and detailed survey of this kind is attempted.

READ FULL TEXT

page 19

page 23

page 24

research
05/08/2020

Convergence of IT and SCADA: Associated Security Threats and Vulnerabilities

As many industries shift towards centralised controlled information syst...
research
05/20/2020

Classification of Industrial Control Systems screenshots using Transfer Learning

Industrial Control Systems depend heavily on security and monitoring pro...
research
11/07/2022

The Dark Side of The Internet of Vehicles: A Survey of the State of IoV and its Security Vulnerabilities

For the smart vehicular network, we studied two technologies to realize ...
research
06/24/2019

Extending Attack Graphs to Represent Cyber-Attacks in Communication Protocols and Modern IT Networks

An attack graph is a method used to enumerate the possible paths that an...
research
06/25/2023

A Survey of Security in UAVs and FANETs: Issues, Threats, Analysis of Attacks, and Solutions

Thanks to the rapidly developing technology, unmanned aerial vehicles (U...
research
12/09/2018

Fishy Cyber Attack Detection in Industrial Control Systems

Cyber attacks have become serious threats to Industrial Control systems ...
research
08/28/2022

Cyberattacks on Energy Infrastructures: Modern War Weapons

Recent high-profile cyberattacks on energy infrastructures, such as the ...

Please sign up or login with your details

Forgot password? Click here to reset