The increase in attacks against ICS points to increased sophistication of the attackers. "Attacking a GE control system device is very different from attacking a website," said Francis Cianfrocca, CEO of Bayshore Networks. "It is easy to find a lot of effective material in the public domain to attack websites and enterprise apps, but the knowledge to attack ICS typically has been far less developed."
Critical infrastructure systems are generally much more open in design, and therefore, are much more vulnerable to attack than commercial/enterprise systems. Some might even say that ICS are wide open to attack because of their design and implementation. "Even though they are vulnerable, if you are going to attack ICS, you will require a lot of specialized knowledge as the devices and systems are often highly customized," Cianfrocca said. "All critical systems are different and use different protocols; vendors violate the protocols in different ways, essentially minimizing the hactivists and increasing the focus on nation states."
However, enterprises don't have the luxury of focusing solely on the nation-state adversaries as there are many more threats and adversaries they need to consider. Henry noted that organized crime is not too far behind the nation-state adversaries both in terms of skill and capability. And, once organized crime attackers get a few successes under their belts, funding is often not a problem either. "Businesses have formed that are offering 'hacking as a service,' and there are plenty of insiders and lone wolves taking legitimate jobs with a direct aim to extract sensitive information from the private sector," said Henry. [Also see: ""]
It's difficult for companies to protect themselves given the level of sophistication of many adversaries. "With the most sophisticated attacker at the threat controls, organizations won't stand a chance," said Phil Lieberman, president of Lieberman Software. "They would need to have NSA-like teams on staff -- or NSA-like partners -- if they are to prevent targeted attacks," Lieberman said. Henry shared a similar view, noting that a sophisticated adversary can and will easily jump over the fence -- hopping over or around the firewall with ease.