The evolution of ICS security

This article, which comes with nice screencasts, is an interesting state of the art on industrial system security, or rather the lack of it. These systems are popularly known as SCADA systems, but SCADA systems are just a subset of ICS (Industrial Control Systems).

Well, it is no surprise that they have been highly insecure since their conception, and that many are exposed on the Internet.

What is interesting to note is the recent evolution:

  • As ICS are getting more media coverage, they are increasingly targeted by both security researchers and activists (e.g. Anonymous). The latter is especially scary if you think of what some of them are capable of doing for their cause and their degree of amateurism.
  • More and more automated exploitation tools are being developed, making the attacker's task easier: Metasploit modules, WinCC Harvester, PLCScan…
  • Stuxnet was discovered about 3 years ago, but vendors have yet to fix systems and publish security hardening guides (still drafts). I am even talking about end-user awareness…

Conclusion: we are still at the beginning of the ICS insecurity era and we can expect more hacking news…