Hotspots of industrial control system security in 2023
In 2023 the ransomware virus still threatened the security of global industrial control systems(ICSs),intensified geopolitical conflicts made the ICS become an important battlefield for hostile cyberattacks,and the supply chain once again became the soft underbelly of ICSs.Fortunately,much more attention was paid to ICS security and large-scale exercises were carried out by countries worldwide.Besides,there were many documents launched by authorities for ICS policies and standards.For techniques,vulnerabilities were newly found and the defense approaches were evolving.Specifically,the software and hardware vulnerabilities were still the unavoidable weakness of ICSs.The"living-off-the-land attack"did not use vulnerabilities but enabled"low-cost,big threat"operations over ICSs.Besides,there were novel attacks such as deep lateral move attack on the control level,the PLC ransomware virus,and the attack toolkit Pipedream.Security vendors and research institutions launched security-specific monitoring platforms for ICSs,produced the trustful DCS,developed the forensics tools,proposed the lightweight cryptographic algorithms,and designed zero trust mechanism sensors.The idea of"secure by design"was gradually taken into the design of ICSs.There were also advanced researches on runtime PLC security testing,protocol implementation correctness testing,protocol reverse analysis,and attack detection.The emerging technologies,such as artificial intelligence,digital twin,and large language model,brought opportunities to the ICS security.Moreover,the ICS security had spillover to satellite systems,and the Europe and US began to prepare for the battlefield of cyber warfare in the space.
industrial control systemsafety pretection technologydigitalizesmart
NETL
NSTL
万方数据
