While the world is becoming more and more interconnected and “connecting machines to IT systems provides a number of benefits,” such connectivity, if not installed properly, can introduce many security challenges. These inter-connections can enable security vulnerabilities and potential pathways for compromise of the control environment by malicious threat actors.
The mission of the Department of Homeland Security’s (DHS’s) National Cybersecurity and Communications Integration Center (NCCIC), and specifically the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is to assist critical infrastructure asset owners to reduce cyber risks to control systems and processes that operate the nation’s critical infrastructure. ICS-CERT responds to cybersecurity incidents on a daily basis, almost all involving compromises of control system environments via connections to the corporate network. Once on the network, intruders often move laterally looking for other connected zones or networks. Without proper network segmentation and monitoring of communications, the control system environment can potentially be compromised, in some cases providing the ability for the intruder to take control of the process.