ICS cyber security in 2020- and the road ahead in 2021

Update (16 Oct 2020) :We have started receiving contributions/paper submissions for inclusion in this report. If you have not yet sent in your thoughts, please do so at the earliest. We will be publishing this report by end October 2020 or latest by early November 2020.

A lot of exciting insights from Industry leaders and professionals will be included.

The ICS Cyber security field has seen a lot of happenings this year in 2020 such as :

Key ICS Cyber Security Developments 2020

1. US President Donald Trump issuing an Executive Order regarding cyber security of the bulk electric supply and power grid in May 2020. This also included among other things securing the electric power utilities from supply chain attacks (using compromised components with backdoors that can be exploited at some time in future by adversaries). This was after he extended the National Cyber emergency state in March 2020.

2. MITRE ATT&CK for ICS being made publicly available. From the MITRE ATT&CK blog “In order to create ATT&CK for ICS, the team went through public incident reports, research papers, conference presentations, blogs, and more to identify and to verify the existence of techniques in the wild”.

3.  The US Cybersecurity and Infrastructure Security Agency released its five year Industrial Control Systems security strategy  According to the agency “A Unified Initiative, is a multi-year, focused approach to improve CISA’s ability to anticipate, prioritize, and manage national-level ICS risk. Through this “One CISA” initiative, CISA will work with critical infrastructure (CI) owners and operators to build ICS security capabilities that directly empower ICS stakeholders to secure their operations against ICS threats”. 

4. ISA 99 committee released the ISA/IEC 62443-3-2 part of the standard, that deals with risk assessment of Industrial Control Systems. This is an important part of ICS cyber security and it is covered well in the Abhisam Industrial Cybersecurity Professional training course. Nevertheless the standard is important to refer to, before carrying out your risk assessment for your Industrial Control System.

5. UL (Underwriters Laboratories) formally announced that they have launched a system to assess cybersecurity in the supply chain. Although it is not exclusively for ICS cyber security, yet it could be  used as an alternative to ISA’s ISA Secure system to ensure that Industrial Automation system components are secure and do not become backdoors that can compromise ICS security of the host system.

6. Reported cyber attacks on Israeli water plants by unknown state or non state actors. These were not one single attack but multiple ones on different types of water related infrastructure such as agricultural pumps as well as trying to manipulate Chlorination systems that supply drinking water to cities.

These are some key events in the ICS cyber security space that have occurred until now in the year 2020. We are not even in  the last quarter yet. As the global COVID-19 pandemic rages further around the globe, leading to more people relying on Industrial Automation Systems and Industrial IoT systems to work remotely, we can expect more such attacks, not less.

What about the year ahead and in 2020?

As you know most Industrial Automation and Control Systems are not designed to be secure by design, not having sufficient (or any) features related to authentication, encryption or anything remotely secure, they are easy targets for all kinds of state actors and non-state actors that wish to disrupt a nation’s economy.

If you are not familiar with the subject, here’s a brief primer about ICS Security. If you are interested in knowing more about protecting your Industrial Control Systems and Safety Instrumented Systems for cyber threats, please refer to the Abhisam Industrial Cybersecurity training course here.

We at Abhisam, are compiling experiences and expectations from different stakeholders in the ICS cyber security space such as end users from the process industries, energy, bulk power supply, critical infrastructure, manufacturing, design engineering consultants, ics cyber security product vendors, consultants, certifiers and more to have an overview of what has happened so far and what one can expect in the year 2021.

This will be a useful document to not our our learners, but to anybody who wishes to keep abreast of what is happening in the Industrial Cybersecurity area.

If you feel you can contribute to this initiative, please feel free to contact us.