
Control Systems - Still A Target Rich Environment

28 Sep 11:00 by Source: https://www.linkedin.com/pulse/control-systems-still-target-rich-environment-fred-gordy?trk=v-feed


Over the past couple of years, awareness of the need for SmartBuilding cyber security has grown. However, the number of exposed building control systems and devices with little or no protection has also grown.

In the United States, as of July 21, 2017, there were 4,672,221 exposed building control devices, according to Censys. Worldwide there were 12,395,101 exposed building control devices. This means the United States accounts for roughly 37% of the exposed building control devices in the world.

The following graphics show information that was derived from IoT search engine queries of internet-connected devices.

The table and graphic below are from searches using various control system identifiers.

The USA to World Comparison of Exposed Control System Devices graph below shows the numbers above in relation to the rest of the world (world = blue | USA = red).

For example, the USA has over 40% of Niagara instances exposed worldwide and just under 40% of all exposed BACnet devices worldwide.

(Schneider Electric and Schneider were identified separately by the search)

The following pie charts and tables represent common protocols by manufacturer.

HOST BY MANUFACTURER

The pie chart below shows the number of exposed hosts per manufacturer in the USA for manufacturers above 9,000. The table lists hosts by manufacturer under 9,000. The query used was a simple search grouped by manufacturer metadata.

BACNET BY MANUFACTURER

This pie chart shows the percentage of exposed BACnet devices by manufacturer in the USA. The table shows all others under 1% each.

MODBUS BY MANUFACTURER

This pie chart shows the percentage of exposed Modbus devices by manufacturer in the USA. The table shows all others under 1% each.

FOXPORT (1911) BY MANUFACTURER

This pie chart shows the percentage of exposed Foxport (1911) devices by manufacturer in the USA. The table shows all others under 1% each.

In an effort to make systems freely accessible for service and serviceability, they have been made vulnerable. The bad guy is continually looking for the path of least resistance, and SmartBuilding technology is proving more and more to be the path of choice. The number of attacks against controls technology is up, and there is no indication that this trend will reverse. In fact, most in the field are seeing increasing attacks against control systems.

I work with clients from small REITs to Fortune 100 companies. The majority of these clients are facing the same battles as it relates to their control systems security. The good news is there are small things that can be done that will take these systems off the bad guys' radars. One major step in the right direction is to remove public exposure of control system devices so that the IoT search engines can't pick them up, therefore making it harder for the bad guy to find them.

Fred Gordy - Cyber Security Director - Intelligent Buildings
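
As an added example (not from the article or its author), the following audit checks an edge firewall's inbound rules for public exposure of the protocols the article names. The rule export format and the sample rules are constructed; port 1911 comes from the article, while 47808/udp for BACnet/IP and 502/tcp for Modbus/TCP are the standard default ports and are assumed here.

```python
import csv
import io
import ipaddress

# Port 1911 is from the article; 47808/udp and 502/tcp are the standard
# default ports for BACnet/IP and Modbus/TCP (assumed unchanged on site).
CONTROL_PORTS = {
    ("udp", 47808): "BACnet/IP",
    ("tcp", 502): "Modbus/TCP",
    ("tcp", 1911): "Fox (1911)",
}
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: inbound port-forward rules exported from an edge firewall.
SAMPLE_RULES = """name,source,proto,dst_ports,forward_to
jace-remote,0.0.0.0/0,tcp,1911,10.20.0.15
bms-vendor,203.0.113.0/24,udp,47808,10.20.0.30
chiller-plc,0.0.0.0/0,tcp,500-510,10.20.0.41
web-portal,0.0.0.0/0,tcp,443,10.20.0.5
hvac-internal,10.0.0.0/8,tcp,502,10.20.0.41
"""

def parse_ports(spec):
    """Return (low, high) for a single port '502' or a range '500-510'."""
    low, _, high = spec.partition("-")
    return int(low), int(high or low)

def is_public_source(cidr):
    """True when the allowed source is not wholly inside RFC 1918 space."""
    net = ipaddress.ip_network(cidr, strict=False)
    return not any(net.subnet_of(private) for private in RFC1918)

def exposed_control_rules(rules_csv):
    """List rules that let non-private sources reach a control-system port."""
    findings = []
    for rule in csv.DictReader(io.StringIO(rules_csv)):
        if not is_public_source(rule["source"]):
            continue
        low, high = parse_ports(rule["dst_ports"])
        for (proto, port), label in CONTROL_PORTS.items():
            if rule["proto"].lower() == proto and low <= port <= high:
                scope = "any" if rule["source"].endswith("/0") else "restricted"
                findings.append((rule["name"], label, port, scope))
    return findings

if __name__ == "__main__":
    for name, label, port, scope in exposed_control_rules(SAMPLE_RULES):
        print(f"{name}: {label} port {port} reachable from {scope} public source")
```

Rules flagged with scope `any` are the ones an internet-wide search engine can index; a port range that merely contains a control port (the `chiller-plc` rule) is flagged as well.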