The Top 20 CyberAttacks On Industrial Control Systems whitepaper
Waterfall team
Techniques for evaluating cyber-sabotage risk to industrial systems are well understood by those skilled in the art – evaluate a large inventory of possible attacks against the cyber-physical system in question, and render a verdict. Communicating the results of the assessment to business decision-makers is more difficult, especially for low-frequency, high-impact (LFHI) attacks for which there are no historical statistics.
Since business decision-makers understand example attacks more readily than abstract risk metrics, this paper simplifies assessing and communicating risk by defining a standard set of Top 20 industrial control system (ICS) attacks across a wide range of attack sophistication and consequences. The key risk metric to communicate to business decision makers, then, is the nature of the simplest attack that is not reliably defeated by existing or proposed security measures.
This paper concludes with a worked example, applying the Top 20 type of assessment to an example industrial site and comparing the strength of two different security programs for the site using the standard attacks.
In this eBook
The Top 20 Attacks
Water Treatment System Example
Attack Evaluation
Industrial Internet of things design
IIoT Attack Evaluation
Improving ICS Security
Updated Attack Evaluation
About the author
Andrew Ginter, VP Industrial Security at Waterfall Security Solutions
At Waterfall, Andrew leads a team of experts who work with the world’s most secure industrial sites. He is author of two books on industrial security, a co-author of the Industrial Internet Consortium’s Security Framework, and the co-host of the Industrial Security Podcast. Andrew spent 35 years designing SCADA system products for Hewlett Packard, IT/OT connectivity products for Agilent Technologies, and OT/ICS security products for Industrial Defender and Waterfall Security Solutions.
