Critical infrastructures (CI) and industrial organizations aggressively move towards integrating elements of modern Information Technology (IT) into their monolithic Operational Technology (OT) architectures. Yet, as OT systems progressively become more and more interconnected, they silently have turned into alluring targets for diverse groups of adversaries. Meanwhile, the inherent complexity of these systems, along with their advanced-in-age nature, prevents defenders from fully applying contemporary security controls in a timely manner. Forsooth, the combination of these hindering factors has led to some of the most severe cybersecurity incidents of the past years. This work contributes a full-fledged and up-to-date survey of the most prominent threats against Industrial Control Systems (ICS) along with the communication protocols and devices adopted in these environments. Our study highlights that threats against CI follow an upward spiral due to the mushrooming of commodity tools and techniques that can facilitate either the early or late stages of attacks. Furthermore, our survey exposes that existing vulnerabilities in the design and implementation of several of the OT-specific network protocols may easily grant adversaries the ability to decisively impact physical processes. We provide a categorization of such threats and the corresponding vulnerabilities based on various criteria. As far as we are aware, this is the first time an exhaustive and detailed survey of this kind is attempted.
翻译:关键基础设施(CI)和工业组织积极推动将现代信息技术要素融入其单一操作技术(OT)架构,然而,随着OT系统逐渐变得日益相互联系,它们默默地变成了不同对手群体的目标;同时,这些系统的内在复杂性及其先进老化性质,使捍卫者无法及时充分适用当代安全控制;这些阻碍因素的结合导致过去几年中一些最严重的网络安全事件。这项工作有助于对工业控制系统面临的最突出威胁进行全面和最新的调查,以及在这些环境中通过的通信协议和装置。我们的研究强调,由于商品工具和技术的繁衍,对CI的威胁呈螺旋上升趋势,这些工具和技术可以促进早期或后期的攻击阶段。此外,我们的调查表明,在设计和实施若干针对OT的网络协议方面现有的弱点可能很容易地抵消对物理进程产生决定性影响的能力。我们根据各种标准对这种威胁和相应弱点进行分类,我们第一次了解到这种威胁的分类,根据各种标准进行这种详细调查是一次尝试。