
BSI Analyses about cyber security

Top 10 Threats

Industrial Control Systems (ICS)

Automation and process control systems are "combined in the term Industrial Control Systems (ICS)." 1)

 

As reports about striking security deficits show again and again, "cyber security aspects have been treated with lower priority or even neglected in the past." 1) Unfortunately, the rude awakening often comes only after the first incident.

 

Current threats

"The BSI has compiled the latest threats with highest criticality to which ICS systems are exposed at the moment during their cyber security analyses.

...

The threat priority results from an aspect examination like circle of offenders, distribution and exploitability of the weak points, as well as possible technical and economical consequences of an attack for example. Well-established incident databases are evaluated for this amongst others." 2)

Measure catalog  PDF

Top 10 threat overview acc. to BSI  1)
| No. | Threat | Explanation |
|---|---|---|
| 1 | Unauthorised use of remote maintenance access | Maintenance access points are intentionally created openings of the ICS network to the outside but are often not sufficiently protected. |
| 2 | Online attacks via office / enterprise networks | Office IT is usually connected to the Internet via many paths. Usually, there are also network connections from the office network into the ICS network, so that attackers can intrude this way. |
| 3 | Attacks on standard components used in the ICS network | Standard IT components (commercial off-the-shelf, COTS) such as operating systems, application servers or databases usually contain faults and weak points that are exploited by attackers. If these standard components are also used in the ICS network, this increases the risk of a successful attack on the ICS systems. |
| 4 | (D)DoS attacks | (Distributed) denial of service attacks can impair network connections and required resources and cause systems to crash, for example to disrupt the functionality of an ICS. |
| 5 | Human misbehaviour and sabotage | Deliberate acts – regardless of whether by internal or external attackers – are a massive threat to all protection objectives. In addition, negligence and human failure are a major threat, especially regarding the protection objectives confidentiality and availability. |
| 6 | Introduction of malicious code via removable media and external hardware | The use of removable media and mobile IT components by external employees is always a great risk regarding malware infections. This aspect played an important role in Stuxnet, for example. |
| 7 | Reading and writing messages in the ICS network | Since most control components currently communicate via plain-text protocols and are thus unprotected, eavesdropping and the injection of control commands are often possible without much effort. |
| 8 | Unauthorised access to resources | Internal attackers in particular, or follow-up attacks from outside, have an easy job if services and components in the process network implement no or insecure methods for authentication and authorisation. |
| 9 | Attacks on network components | Network components can be manipulated by attackers, for example to carry out man-in-the-middle attacks or to make sniffing easier. |
| 10 | Technical misbehaviour and force majeure | Failures due to extreme environmental conditions or technical failures are always possible – risk and damage potential can only be minimised here. |

1) Source: BSI-CS 029 | version 1.00 dated April 12, 2012
