From Exposed to Exploited: Drawing the Picture of Industrial Control Systems Security Status in the Internet Age

Yixiong Wu, Jianwei Zhuge, Jianwei Zhuge, Tingting Yin, Tianyi Li, Junmin Zhu, Guannan Guo, Yue Liu, Jianju Hu

Abstract

The number of Internet-facing industrial control system(ICS) devices has risen rapidly due to remote control demand. Going beyond benefits in maintenance, this also exposes the fragile ICS devices to cyber-attackers. To characterize the security status of Internet-facing ICS devices, we analyze the exposed ICS devices and their vulnerabilities. Considering the ethic, we design and implement ICScope, a passive vulnerability assessment system based on device search engines. Firstly, ICScope extracts the ICS device information from the banners returned by multiple search engines. Then, ICScope filters out the possible ICS honeypots to guarantee accuracy. Finally, ICScope associates ICS vulnerabilities with each ICS device. Over the past year, our measurements cover more than 466,000 IPs. We first perform a comprehensive measurement of Internet-facing ICS devices from Dec 2019 to Jan 2020. We find that there are about 49.58% of Internet-facing ICS devices that can be identified are affected by one or more vulnerabilities. We also conduct three times experiments from Jun 2020 to Dec 2020 to monitor the security status of Internet-facing ICS devices. We observe a slowly decreasing trend in the number of vulnerable ICS devices during our experiment period.

Download


Paper Citation


in Harvard Style

Wu Y., Zhuge J., Yin T., Li T., Zhu J., Guo G., Liu Y. and Hu J. (2021). From Exposed to Exploited: Drawing the Picture of Industrial Control Systems Security Status in the Internet Age.In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-491-6, pages 237-248. DOI: 10.5220/0010327902370248


in Bibtex Style

@conference{icissp21,
author={Yixiong Wu and Jianwei Zhuge and Tingting Yin and Tianyi Li and Junmin Zhu and Guannan Guo and Yue Liu and Jianju Hu},
title={From Exposed to Exploited: Drawing the Picture of Industrial Control Systems Security Status in the Internet Age},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2021},
pages={237-248},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010327902370248},
isbn={978-989-758-491-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - From Exposed to Exploited: Drawing the Picture of Industrial Control Systems Security Status in the Internet Age
SN - 978-989-758-491-6
AU - Wu Y.
AU - Zhuge J.
AU - Yin T.
AU - Li T.
AU - Zhu J.
AU - Guo G.
AU - Liu Y.
AU - Hu J.
PY - 2021
SP - 237
EP - 248
DO - 10.5220/0010327902370248