Recent headlines about cybersecurity breaches underscore how important protecting devices and networks is in today's world. Cyberattacks involve multiple industries, from industry giants such as Equifax, Target and, recently, SolarWinds, to universities, utilities and government agencies around the world. The attacks ranged from data breach and theft to ransomware, system infiltration and identity theft as well as nationwide attacks on key infrastructure, such as electricity and water.

Threat actors can access systems via internet-connected devices and systems, such as sensors, programmable logic controllers (PLCs), distributed control systems (DCSs), and other sensors found in IIoT (industrial internet of things) devices, such as smart alarms, smart breakers and more. These industrial automation and control systems (IACS) are vulnerable to malware, data leakage and compromise.

In a world of ubiquitous connectivity, trusted equipment is the backbone of safe network environments. But as more manufacturers and industries build and deploy smart IIoT devices, the security and safety of systems providing essential operations become more important and more difficult to manage. With the integration of IIoT devices in legacy systems and solutions on the rise, critical infrastructures and other industrial control system networks become more exposed to cyberattacks that are increasingly challenging to mitigate.

And while technology advances in leaps, the greatest vulnerability is still human error. A simple PowerPoint presentation that looks harmless can easily spread dangerous malware when an embedded link is clicked by a user. A simple USB plugged into a computer by a curious operator can take over the network of an entire plant. Threat actors exploit users through phishing, spoofing and social engineering.

The best way to combat this growing threat is to build protections in at the product or systems level. In essence, using secure-by-design philosophy, standards and countermeasures to stop a cyberattack before it even starts.

Attachments

  • Original document
  • Permalink

Disclaimer

Eaton Corporation plc published this content on 11 May 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 13 May 2021 13:57:00 UTC.