The State of Security in Control Systems Today: A SANS Survey
The control systems used to critical infrastructure facilities are increasingly vulnerable to attack, but it's almost impossible to tell how often they're breached or how it's done, according to early results from a SANS survey on the security of industrial control systems. Thirty-two percent of respondents who admitted having experienced a breach said they can't say how often they were breached; 42 percent said they weren't able to identify the source of the breaches.
“The number of confirmed breaches is rising, but the limited ability of most ICS security systems to detect attacks, let alone reveal their source and type, is at least as big a problem as the number of attacks on operational technology systems,” according to Bengt Gregory-Brown, consultant to the SANS ICS program. “Lack of visibility into ICS systems is a problem, and one that's growing with greater connectivity and the IT-OT integration.”