In late 2017 the ICS cybersecurity specialist Dragos announced that a safety controller (SIS) of a HIMA competitor in a process facility in the Middle East had been targeted by a new malware attack and successfully hacked. The SIS was compromised, leading to a shutdown of the facility.
The professional execution of the attack again clearly shows that facility operators need to take the subject of cybersecurity very seriously. HIMA, a leading global independent vendor of smart safety solutions for the process industry, therefore offers to provide expert consulting on the subject of cybersecurity in safety-critical systems.
The above-mentioned cyberattack represents a new dimension of cyberthreats to critical infrastructure. According to current knowledge, it was specifically planned and designed to target the SIS of a particular manufacturer. This sort of attack on a SIS, the first ever seen worldwide, is very sophisticated and only possible with significant effort.
Dr Alexander Horch, Vice President Research, Development & Product Management at HIMA, comments: “The incident with our competitor should serve as a wake-up call for all of us and further enhance awareness of the subject of cybersecurity in the industry.
Work processes and organisational deficiencies are by far the most common areas of vulnerability for successful cyberattacks. System interfaces that remain open during operation and can be used to program the systems concerned, for example, give attackers a potential point of access. We urgently advise facility operators to not rely solely on cybersafe components, but instead to establish a comprehensive security concept for their own facilities.”
To achieve maximum safety and security, it is especially important for facility operators to implement the requirements of the standards for functional safety and automation security (IEC 61511 and IEC 62443) for physical separation between process control systems and safety and security systems.
In addition to providing automation solutions conforming to relevant national and international standards, HIMA supports plant engineers and operators in developing security concepts for the entire life cycle.
“For facility operators it is important to constantly keep an eye on potential forms of manipulation. In this regard, safety-critical applications are fundamentally different from other industrial PLC or Office applications. Considerable expertise is necessary to ensure cybersecurity in safety applications.
Maintaining and constantly refining security often poses a challenge to facility operators. It is therefore advisable to draw on the services of experienced safety and security experts in order to jointly develop and implement effective concepts”, says Heiko Schween, a security expert at HIMA.