Company selling security consultancy finds security flaws shocker
This reads like a company advert: "We did A and we took your network down; if you don't employ us, you could be next."
It's difficult to know where to start with this one, but I'll try.
Godfrey explained that security has never been a design criteria for industrial control kit and this hasn't changed with the advent of IoT in the domain of SCADA systems.
That's simply not true. The industry is spending a lot of effort on security; however, unlike IT, where security is the primary concern, it has to be balanced with the primary function of safety. Also, the long timescales and legacy kit are another issue that needs resolving.
Historically everything was "air-gapped" but this has changed as the equipment has been adapted to incorporate internet functionality.
But their attack requires local access. Physical security is as important as cyber security in these situations. If you can just walk in and install a box on critical infrastructure, cyber security is the least of your worries.
Industrial control setups certainly don't have the maturity of enterprise environments
Agreed, but then again enterprise environments have the benefit of constant support and upgrade cycles. Suggest IT can't touch any kit for 2 years and see how mature your systems are then. Saying that, our 'mature' enterprise environment is often brought down if someone adds a rogue DHCP server, so perhaps enterprise should not be so smug.
Denial-of-service in industrial control environments is easy and fuzzing (trying a range of inputs to see which causes an undesigned effect) also offers a straightforward way to uncover hacks.
A lot of systems undergo DoS testing. It depends where you test. The idea is that attacks on the outward-facing interfaces should not stop the control system. So we can bring down the SCADA, but the automation control is retained.
"kill industrial processes with only four lines of code"
Without knowing what the kill code is, it is impossible to say what happens here, or whether all systems are equally vulnerable. Is it some sort of DoS attack, a specific PLC command, some use of a SCADA protocol? I can think of many ways to do this, but they would be specific to a type of system and not universal.
However, there are many defences that can be put in place, such as zoning of your network or network anomaly detection devices. However, Stuxnet showed that you can only slow, not stop, an attacker. If you get a nation-state player with infinite resources, they will get in. Your only hope is to make it a) so hard they won't try and b) limit the damage if they do.
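As an added illustration of the two defences the comment ends on, network zoning and network anomaly detection, here is a small allowlist-based detector for Modbus/TCP requests. It is example code written for this page, not code from the article, the consultancy or the commenter. The host addresses, the zone policy (an engineering workstation may read and write to the PLC, the HMI may only read) and the captured frames are all constructed for the example; the MBAP header layout and the Modbus function codes are the ones defined by the Modbus/TCP specification.

```python
"""Allowlist ("zoning") anomaly detector for Modbus/TCP requests.

Added example: hosts, policy and frames below are constructed, not taken
from any real plant. Only the MBAP header format and function codes are
per the Modbus/TCP specification.
"""
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Modbus function codes that change process state versus read-only ones.
WRITE_FUNCTIONS = {5, 6, 15, 16, 22, 23}
READ_FUNCTIONS = {1, 2, 3, 4}


@dataclass(frozen=True)
class ModbusRequest:
    src: str
    dst: str
    unit_id: int
    function: int


def parse_modbus_tcp(src: str, dst: str, payload: bytes) -> ModbusRequest:
    """Parse the 7-byte MBAP header plus the function code of a request.

    MBAP = transaction id (2) | protocol id (2, always 0) | length (2) |
    unit id (1); 'length' counts the unit id and the PDU that follow it.
    """
    if len(payload) < 8:
        raise ValueError("frame too short for MBAP header + function code")
    _tid, protocol_id, length, unit_id = struct.unpack(">HHHB", payload[:7])
    if protocol_id != 0:
        raise ValueError(f"not Modbus (protocol id {protocol_id})")
    if length != len(payload) - 6:
        raise ValueError("MBAP length field does not match frame size")
    return ModbusRequest(src, dst, unit_id, payload[7])


def build_request(transaction_id: int, unit_id: int, function: int, data: bytes) -> bytes:
    """Build a Modbus/TCP request frame (used here only to construct sample traffic)."""
    pdu = bytes([function]) + data
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id) + pdu


# Zone policy (constructed): which source may send which function codes to the PLC.
PLC = "10.2.0.5"
POLICY = {
    ("10.1.0.10", PLC): READ_FUNCTIONS | WRITE_FUNCTIONS,  # engineering workstation
    ("10.1.0.20", PLC): READ_FUNCTIONS,                    # HMI: read-only
}


def classify(req: ModbusRequest) -> Optional[str]:
    """Return an alert string if the request violates the zone policy, else None."""
    allowed = POLICY.get((req.src, req.dst))
    if allowed is None:
        # The "walked in and plugged a box in" case: a host the policy has never seen.
        return f"unknown talker {req.src} -> {req.dst}"
    if req.function not in allowed:
        kind = "write" if req.function in WRITE_FUNCTIONS else "function"
        return f"{req.src} sent disallowed {kind} 0x{req.function:02x} to {req.dst}"
    return None


def detect(traffic: List[Tuple[str, str, bytes]]) -> List[str]:
    """Run every (src, dst, frame) through the parser and policy; collect alerts."""
    alerts = []
    for src, dst, frame in traffic:
        try:
            req = parse_modbus_tcp(src, dst, frame)
        except ValueError as exc:
            alerts.append(f"malformed frame from {src}: {exc}")
            continue
        alert = classify(req)
        if alert:
            alerts.append(alert)
    return alerts


# Constructed sample traffic: two normal requests, then three that should alert.
TRAFFIC = [
    ("10.1.0.10", PLC, build_request(1, 1, 3, b"\x00\x00\x00\x0a")),   # EWS reads 10 registers
    ("10.1.0.20", PLC, build_request(2, 1, 1, b"\x00\x00\x00\x08")),   # HMI reads 8 coils
    ("10.1.0.20", PLC, build_request(3, 1, 6, b"\x00\x05\x00\x01")),   # HMI writes a register
    ("10.1.0.99", PLC, build_request(4, 1, 15, b"\x00\x00\x00\x08\x01\xff")),  # rogue box
    ("10.1.0.20", PLC, b"\x00\x05\x00\x00"),                            # truncated frame
]

if __name__ == "__main__":
    for line in detect(TRAFFIC):
        print("ALERT:", line)
```

The policy is the zoning part: it encodes which conduit between zones is allowed to carry which operations, so a read-only HMI issuing a write, or a host nobody provisioned, shows up even though every frame is well-formed Modbus. In practice the baseline would be learned from a period of known-good traffic and the detector would sit on a SPAN port or a tap on the control network segment, not inline.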