{"id":114,"date":"2021-01-07T18:05:53","date_gmt":"2021-01-07T15:05:53","guid":{"rendered":"https:\/\/zerontek.com\/zt\/?p=114"},"modified":"2021-01-07T18:09:16","modified_gmt":"2021-01-07T15:09:16","slug":"how-ics-owners-think","status":"publish","type":"post","link":"https:\/\/zerontek.com\/zt\/2021\/01\/07\/how-ics-owners-think\/","title":{"rendered":"How ICS owners think"},"content":{"rendered":"\n<p>Based on an <a rel=\"noreferrer noopener\" href=\"https:\/\/www.youtube.com\/watch?v=N9fODU82xrs&amp;t=686s\" target=\"_blank\">interview <\/a>I did with <a rel=\"noreferrer noopener\" href=\"https:\/\/twitter.com\/achillean\" target=\"_blank\">John Matherly<\/a> &#8211; the founder of Shodan -last year in Kuwait. I learned from him some interesting lessons about ICS security for online ICS devices:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>ICS owners don&#8217;t look at their network.They don&#8217;t even know if they have been scanned by Shodan.<\/li><li>Industrial IoT (iIoT) devices are part of Shodan radar. They can be found online. He thinks it&#8217;s a mistake to put these devices online.<\/li><li>Many ICS vendors don&#8217;t bother to secure their devices, because they think they are not exposed online.<\/li><li>Many ICS asset owners aren&#8217;t disconnecting their ICS devices from the internet even after they been advised . <\/li><li>Nowadays, some ICS vendors are listening and considering security. An improvement to the past he admitted.<\/li><li>Shodan is working to expand ICS meta data in 2 ways: ability to identify the asset owner and to filter ICS devices if they should be online or not.<\/li><\/ul>\n\n\n\n<p>So to summarize the above lessons, which I would give to ICS asset owners:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Make inventory of your assets and network. <\/li><li>Decide what can be online or not<\/li><li>Keep logs and and implement technologies that enable you to detect external traffic targeting your ICS assets\/network.<\/li><li>Secure and Configure your online devices based on best practices.Watch out for default settings and passwords.<\/li><li>Stop information leakage from your online devices .<\/li><\/ol>\n\n\n\n<p>Stay safe !<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Based on an interview I did with John Matherly &#8211; the founder of Shodan -last year in Kuwait. I learned from him some interesting lessons about ICS security for online ICS devices: ICS owners don&#8217;t look at their network.They don&#8217;t even know if they have been scanned by Shodan. Industrial IoT (iIoT) devices are part [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,3,23,5],"tags":[6,22,19,21,20],"class_list":["post-114","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-ics-security","category-shodan","category-vendors","tag-ics-security","tag-iiot","tag-interview","tag-john-matherly","tag-shodan"],"_links":{"self":[{"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/posts\/114","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/comments?post=114"}],"version-history":[{"count":6,"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/posts\/114\/revisions"}],"predecessor-version":[{"id":121,"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/posts\/114\/revisions\/121"}],"wp:attachment":[{"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/media?parent=114"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/categories?post=114"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zerontek.com\/zt\/wp-json\/wp\/v2\/tags?post=114"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}