Rob, actually, those older PLCs were about as imune as an automation device could be, since they spoke a different language, used a non-standard connection, and required a proprietary terminal to program them, or to change the program. Of course that made living with them a lot harder, but it did make them fairly secure.
The first hacking disaster that I came across was not even intentional: An IT person had connected a controls computer up to the plant eternet network so that they could monitor production testing results. The damage was done when windows stopped a test in mid-sequence to download a new currency conversion utility. During the time that the test was halted the prototype part being tested melted and almost caught fire. Not the intended result of the connection, but it shows that windows can be our worst enemy.
And for the question of "Why would anyone attack a factory network?", the answer is quite simple. "Because it is there". It seems that many who attack and do damage are simply out to do damage, and they are far less likely to be caught than if they go out shooting people. So they damage things instead. Just simple mindless vandalism is all the motivation that some of them need. Then there is another class that simply hate bill gates and do things to make his company look bad. They are another problem.
These are all really good points, William K. There are a lot of external devices the use of which can be eliminated to help keep networks more secure, and this can be done quite easily. Sometimes the simplest way to help alleviate a problem is overlooked.
"Cybersecurity is becoming an increasingly thorny concern for those running automation and control networks. With the proliferation of plant networks matched by the growing Internet of Things and wireless everything, security has become a major issue."
You are right ROB. Security is a major concern especially with self talking and networking devices. I don't think it cannot be address permentlly because hackers are more brilliant than security professionals.
You're right about inside jobs, Ann. Both examples in this story were inside jobs. I just came out of a meeting with automation and control engineers who work with a big automation vendor. They say the plant operators don't believe anyoine would want to attack their networks.
Gee thanks, Rob, I didn't sleep so well after reading this. Seriously, though, thanks for the reporting on this important subject. Several years ago I wrote a white paper on security for a very large company in the business and was really horrified at what I learned. That was the year that all those breaches started occurring at credit card processors and lost company laptops with huge customer databases on them. The basic takeaway was, it's usually an inside job.
Definitely a real problem here, Elizabeth, and amn interesting tale as well. The problem as stated also mentions a potential solution, unstated, but nobody would like the obvious way to reduce the problem. In the simplest terms, a system that can't hear the outside commands, and does not even speak that language, is rather less likely to be "lead astray." I am not suggesting the same thing as the physical isolation approach, which your article points out is not effective, without even mentioning isolation as a concept. But consider that a large number of the things that open a system to invaders are done for convenience. Memory sticks and RF access, along with internet access, are mostly for the convenience of users, rather than actually vital to the main function of a system. So just like your conclusion, security must be integral and constant. Making data ports one-way only as a hardware design would make things less convenient, but if they were really one-way, nothing could enter by that path. So separating data gathering and reporting from process cntrol is certainly less efficient, but if it is done in a one-way only hardware scheme it can stop hackers. Of course all code must also include enough security, but that is at least in theory, hackable. I have described one more method of improving security, not a total solution, but a way to block some of the holes.
Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.