Case study 3 – ISA/IEC 62443 based industrial endpoint protection
Multiple security breach reports have highlighted the inadequacy of perimeter-based protection in connected industries and critical infrastructures. Security defenses need to extend beyond the perimeter, all the way to the field devices, and the endpoints should be protected as well.
In March 2016, in a recorded cyber incident, a water utility's control system was infiltrated, and the levels of chemicals used to treat tap water were altered to unsafe levels (WAT-CAS). The water utility's operational control system was connected to the internet. The control system managed the programmable logic controllers (PLCs) that regulate the valves and ducts controlling the flow of water and of the chemicals used to treat it. Using SQL injection and phishing, the attackers were able to obtain the login credentials of the control system, gain access to the PLCs, and alter the level of chemicals. Fortunately, the system was equipped with an alert functionality...