SIEMENS
8/2
Siemens IK PI · 2015
Industrial Security
Security Integrated
Introduction
8
■
Overview
Industrial security
That is why industrial security is so important
As the use of Ethernet connections all the way down to the field
level increases, the associated security issues are becoming
a more urgent topic for industry. After all, open communication
and increased networking of production systems involve not
only huge opportunities, but also high risks. To provide an
industrial plant with comprehensive security protection against
attacks, the appropriate measures must be taken.
Siemens can support you here in selectively implementing these
measures – within the scope of an integrated range for Industrial
Security.
Threat overview
1)
Industrial Control Systems (ICS)
Source: BSI-A-CS 004 | Version 1.00 dated April 12, 2012; page 2 of 2
Note:
The list of threats came about as a result of close cooperation
between BSI and business representatives.
With its BSI analyses, the Federal Office for Information Security
(BSI) publishes statistics and reports on current topics in
cyber security.
Please send comments and notes to:
cs-info@bsi.bund.de
No.
Threat
Explanation
1
Unauthorized use of remote
maintenance access
Maintenance access provides deliberate openings to the outside in the ICS network
1)
.
However, they are often inadequately protected.
2
Online attacks
via office/enterprise networks
In general, office IT equipment is connected with the Internet in many ways.
Usually, there are also network connections from the office network to the ICS network,
allowing attackers to use this route.
3
Attacks against standard
components used in the
ICS network
Standard IT components (commercial off-the-shelf, COTS) such as operating systems,
application servers, or databases generally contain flaws and weak points which can be
exploited by attackers. If these standard components are also used in the ICS network,
this increases the risk of a successful attack on the ICS systems.
4
(D)DoS attacks
(Distributed) denial of service attacks can be used to disrupt network connections and
required resources and cause systems to crash, e.g. to disrupt the functionality of an ICS.
5
Human error and sabotage
Deliberate actions – regardless of whether by internal or external agents – are a massive
threat for all security goals. In addition, negligence and human error are a great danger,
especially when it comes to protecting confidentiality and availability.
6
Introduction of harmful code
via removable media and
external hardware
The use of removable media and mobile IT components of external employees always
presents a great risk of malware infections. The importance of this aspect was demonstrated
by Stuxnet, for example.
7
Reading and writing messages
in the ICS network
Because most control components presently communicate via plain-text protocols, and are
thus unprotected, it is often possible to read and insert commands without great difficulty.
8
Unauthorized access
to resources
In particular, insiders or follow-up attacks after intrusion from the outside have an easy time
if authentication and authorization for services and components in the process network are
non-existent or insecure.
9
Attacks on network components
Network components can be manipulated by attackers, for example to carry out
man-in-the-middle attacks or to make sniffing easier.
10
Technical faults and acts of God
Failures are always possible as a result of extreme environmental influences or technical
defects – the risk and the potential for damage can only be minimized here.
© Siemens AG 2014