Organizations that operate Industrial Control Systems (ICS) understand the critical nature of these assets and have led all business sectors in the use of strong physical security controls. But ICS were built with process uptime and high availability in mind before cyber criminals were a threat. Today, cyber security in ICS is far behind IT security standards. This poses real risks to plant operations, personnel, the environment and the community in general.
Most cyber attacks on industrial networks begin with a thorough reconnaissance phase designed to gather as much intelligence as possible on human, network and protocol information, as well as information about the manufacturing process, industrial applications, and potential vulnerabilities.