In an era where automation has become the cornerstone of industry, the security of infrastructure is more crucial than ever. At the heart of the digitalization of industries lies the Programmable Logic Controller (PLC), which controls factories, transportation systems, and more. A PLC is a logic controller used in various industrial fields such as manufacturing, energy, transportation, and utilities to automate manufacturing processes and control machinery. It is comprised of input/output modules, a central processing unit, and a programming interface. It acts as the conductor of an orchestra, determining when machines start, stop, accelerate, or decelerate. It's like a remote control ensuring that all machines operate as desired. However, as PLCs have become increasingly vital, they have become targets of cyber threats as industries become more interconnected and integrated into industrial control systems.
A notable incident occurred in 2017 in Saudi Arabia where a PLC attack targeted an oil company. Suddenly, operations at the oil plant came to an unexpected halt. While the attack resulted in a flaw causing the shutdown of plant operations, if the hackers had executed the attack as planned, it could have led to potential fatalities. The hackers targeted the safety measures of the oil company, which included control systems aimed at preventing accidents such as gas leaks. The compromised system allowed hackers to remotely monitor and control it. If the factory equipment malfunctioned or toxic gases leaked, it could have resulted in a major disaster. This incident demonstrated that manipulating PLCs, which control safety devices, could directly impact industrial safety systems through cyberattacks.
Moreover, PLC attacks are particularly ruthless in industrial facilities, especially in sectors like oil, gas, and water resources, which are crucial national assets. Attacks on PLCs are frequent due to the significant economic and societal impact that disruptions in these institutions can cause, making them prime targets for hackers. Furthermore, industrial facilities are inherently critical, and accidents could have catastrophic consequences. From an industrial operation standpoint, information such as resource production processes, inventory levels, and market strategies is highly valuable. Competing companies and even nations often target industrial PLCs to gain access to strategic data.
In December 2023, for instance, 70% of Iran's gas stations experienced shutdowns due to PLC issues. It was nothing but a software problem at the gas stations, and a hacking group affiliated with Israel boasted on social media about attacking Iran's oil system. This group had previously carried out cyberattacks on Iran's steel company, drawing attention to such issues.
In December 2023, an Iranian hacking group launched a large-scale cyber attack targeting water resource facilities in the United States. The attackers manipulated PLCs to control the operations of water treatment facilities. Water supply systems, providing drinking water directly consumed by citizens and animals, are crucial. If errors occur in water supply systems that provide clean water, affecting certain chemical levels such as sodium hydroxide, it could impact the lives of ordinary citizens. The attackers focused on PLCs, components used in industrial environments, including water treatment facilities. Exploiting weak passwords, the attackers gained access to water resource agencies. Although they didn't directly cause water quality issues, they stole data and disrupted water supply facilities. They also declared intentions to attack any companies associated with Israel or Israeli products.
Additionally, PLC attacks exploiting vulnerabilities in various industries are occurring. Cyber hacking incidents highlight the increasing importance of protecting industrial PLC systems from cyber threats. As more industrial processes become interconnected and digitized, ensuring system resilience and integrity is essential to protect critical infrastructure and prevent catastrophic issues. Developing standards and regulations and fostering collaboration among industry stakeholders, governments, cybersecurity experts, and related organizations are crucial. For instance, SSenStone, an authentication expert in cybersecurity, offers authentication products utilizing OTAC technology for PLC devices, available on PLCnext Store, Phoenix Contact’s digital application marketplace.
Organizations need to devise strategies encompassing technological solutions and cybersecurity best practices. Raising awareness of cyber threats requires various forms of awareness enhancement, including regular vulnerability assessments, network segmentation, access control, encryption, intrusion detection systems, and employee education. Proactively addressing PLC security issues in increasingly interconnected industrial systems can mitigate risks posed by cyber-attacks, protecting operations and critical infrastructure.
