6 points to pay attention to when the most explosi

2022-08-08
  • Detail

The industrial control industry has entered the outbreak period of network security problems, and six points need to be paid attention to

- in 2010, Stuxnet virus infected more than 45000 networks around the world, and Iran was the most severely attacked, with 60% of personal computers infected with this virus

- in 2016, nearly 1000 construction machinery and equipment of Sany Heavy Industry were illegally unlocked and damaged, with a number of nearly 1000, affecting many provinces, with direct economic losses of more than 30 million yuan and indirect losses of nearly 1 billion yuan

- in 2018, the variant of wannacry invaded Taiwan's integrated circuit manufacturing, the world's largest OEM chip manufacturer, resulting in its shutdown for three days, with an estimated economic loss of 1.74 billion yuan

the industrial control industry has entered the outbreak period of network safety problems, and the safety debt should be repaid

in this context, green alliance technology released the framework for information security assurance of industrial control systems, summarizing six key findings in information security of industrial control systems

first, the construction objectives of industrial control system and traditional IT information system are different, which leads to considerable differences in technology, management and service. In most cases, confidentiality is the most important part of traditional information security. It is quite different in the field of industrial control system. Industrial control system emphasizes the degree of industrial automation and the ability of intelligent control, monitoring and management of related equipment. Therefore, industrial control system requires higher integrity and availability

second, the assets exposed by the industrial control system are increasing day by day. In the case of external connection, the industrial control system is easy to be detected externally, and the assets can be identified through the special fields contained in the information returned by public or private communication protocols, web services, Telnet, FTP, etc., so as to realize the control of assets

the following is how green alliance technology detects the exposure of global industrial control assets in the network through asset identification technology. First, take the most common MODBUS and Siemens S7 protocols as examples to calculate the total amount and distribution of global equipment data. Statistical analysis in 2018

● it is found that there are 373612 devices using Modbus protocol

● the top three countries detected to use Modbus protocol are the United States, South Korea and Belgium

● the top three provinces detected to use Modbus Protocol in China are Guangdong, Taiwan and Beijing

● 375835 devices using S7 protocol were found

● the top three countries detected to use S7 protocol are the United States, South Korea and China

● the top three provinces detected to use S7 protocol in China are Guangdong, Shanghai and Beijing

third, with the in-depth study of industrial control security in recent years, more and more industrial control vulnerabilities have been found by researchers. According to the statistical analysis of the five typical industrial scenarios of water supply and treatment industry, chemical industry, petrochemical industry, power industry and metallurgical industry, the threats faced by industrial control systems showed a significant upward trend in 2017 and 2018. The following figure takes the petrochemical industry as an example:

Figure 1 threat situation of the petrochemical industry

Fourth, there will be more and more extortion viruses against industrial control systems. The current extortion viruses, such as wannacry, mainly attack the IT system in the industrial control system, such as the upper computer, ERP system, etc. From the perspective of attack mode and impact, extortion viruses against OT system will appear in OT system in the future, such as extortion viruses against PLC, DCS and other systems

v. industrial control safety technology still needs a new round of innovation. When considering introducing the technical means of it information security or building on the technology of its own characteristics, industrial control security needs to match the operation characteristics of the industrial control system, and it is necessary to consider how the unified it+ot security technical means can be effectively integrated into the industrial control security capability. The role of safety technology in industrial business efficiency should be considered. In terms of technical application, we should consider the connection between lightweight, undisturbed, business data collection and safety data collection, and we need to consider the tensile experiments in various industries (stress-strain experiments). 1 generally, the differences applied to clamp the two ends of the material sample on two fixtures with a certain distance between them, the extraction of common technologies and the application of specific technologies

VI. in terms of the construction of safety capability, comprehensive joint diagnosis and analysis of business faults will become a development trend of industrial control safety in the future. In the construction process, the translation and analysis of safety data and business data are needed to form an effective communication mechanism after the artificial intervertebral disc is inserted into the goat. The bridge and channel between security data content and business data content need to be gradually opened up, and gradually realize the integrated business assurance ability of business channel to provide effective data for security and provide effective support for business assurance

with the policy guidance of various national ministries and commissions, the support of relevant national funds, and the increasing attention of various control system operating enterprises to industrial control security, industrial control information security is bound to usher in a better period of development. From the perspective of the future, industrial information security is bound to be a comprehensive security, and the value of security also needs to be reflected in the substantive promotion of business

Copyright © 2011 JIN SHI