The Global State of Security in Industrial Control Systems: An Empirical Analysis of Vulnerabilities Around the World

Operational Technology (OT) networks and devices, i.e., all components used in industrial environments, were not designed with security in mind. Efficiency and ease of use were the most important design characteristics. However, due to the digitization of industry, an increasing number of devices an...

Full description

Saved in:
Bibliographic Details
Published inIEEE internet of things journal Vol. 8; no. 24; pp. 17525 - 17540
Main Authors Anton, Simon Daniel Duque, Fraunholz, Daniel, Krohmer, Daniel, Reti, Daniel, Schneider, Daniel, Schotten, Hans Dieter
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 15.12.2021
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Control systems
Empirical analysis
Industrial control
Industrial electronics
Industrial information technology (IT)-security
Industrial Internet of Things
Information technology
Integrated circuits
Internet
Internet of Things (IoT)
Networks
open source intelligence (OSINT)
operational technology (OT)-security
Performance evaluation
Protocols
Reconnaissance
Search engines
Security
threat landscape
Websites
Online AccessGet full text

Cover

More Information
Summary:Operational Technology (OT) networks and devices, i.e., all components used in industrial environments, were not designed with security in mind. Efficiency and ease of use were the most important design characteristics. However, due to the digitization of industry, an increasing number of devices and industrial networks are opened up to public networks. This is beneficial for the administration and organization of the industrial environments. However, it also increases the attack surface, providing possible points of entry for an attacker. Originally, breaking into production networks meant to break an information technology (IT)-perimeter first, such as a public Website, and then to move laterally to industrial control systems (ICSs) to influence the production environment. However, many OT-devices are connected directly to the Internet, which drastically increases the threat of compromise, especially since OT-devices contain several vulnerabilities. In this work, the presence of OT-devices in the Internet is analyzed from an attacker's perspective. Publicly available tools, such as the search engine Shodan and vulnerability databases, are employed to find commonly used OT-devices and map vulnerabilities to them. These findings are grouped according to the country of origin, manufacturer, and number as well as severity of vulnerability. More than 13000 devices were found, almost all contained at least one vulnerability. European and Northern American countries are by far the most affected ones.
ISSN:2327-4662
2327-4662
DOI:10.1109/JIOT.2021.3081741