The ICS threat landscape is expanding fast. With the rise of the Industrial IoT and increased device connectivity, no mission-critical entity is safe. On one hand, the expansion of the Internet makes ICS easier prey for attackers, with ICS components being available online. On the other hand, attackers can easily obtain industrial products and technologies and uncover relevant vulnerabilities to exploit. Both aspects show that it is becoming increasingly simple for attackers to exercise their will in industrial environments while investing fewer resources to do so.
In this session, we will provide an example that illustrates this trend, in which the CyberX research group was able to expose vulnerabilities within a leading vendor’s PLC, getting from complete obscurity to the desired end-game while coping with diverse challenges. These include physical extraction of components and decoding of the encoded firmware.
The aforementioned trend in the ICS security ecosystem leads to a flux in ICS vulnerabilities, which is part of the inevitable cat-and-mouse race between attackers and defenders in the ICS security domain. This race has reached a new level, where every Industrial IoT environment is in harm's way. We will also outline the need for the comprehensive threat analysis tools that the ICS industry requires to mitigate the ever-growing risks.