ST. LOUIS--(BUSINESS WIRE)--Belden Inc. (NYSE: BDC), a global leader in signal transmission solutions for mission-critical applications, announces that its Tofino Security brand has published new research showing that patching is often ineffective in providing protection from the multitude of vulnerability disclosures and malware targeting critical infrastructure systems today. While patching such systems is important as part of an overall Defense in Depth strategy, the difficulties of patching for industrial systems mean that compensating controls such as Tofino Security Profiles are often a better method of providing immediate protection.
My research highlights the multiple challenges with patching for SCADA and ICS systems
Since the discovery of the Stuxnet malware in 2010, industrial infrastructure has become a key target for security researchers, hackers, and government agents. Designed years ago with a focus on reliability and safety, rather than security, Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) products are often easy to exploit. As a result, there has been exponential growth in government security alerts for these systems in the past two years. In addition, they have attracted some of the most sophisticated (Stuxnet, Night Dragon, Flame) and damaging (Shamoon) cyberattacks on record.
Eric Byres, CTO and vice president of engineering at Tofino Security, investigated the effectiveness of patching for protecting control systems from vulnerability exploits and malware. His work revealed that:
The number of vulnerabilities existing in SCADA/ICS applications is high, with as many as 1,805 yet to be discovered vulnerabilities existing on some control system computers.
The frequency of patching needed to address future SCADA/ICS vulnerabilities in both controllers and computers likely exceeds the tolerance of most SCADA/ICS operators for system shutdowns. Unlike IT systems, most industrial processes operate 24x7 and demand high uptime. Weekly shutdowns for patching are unacceptable.
Even when patches can be installed, they can be problematic. There is a 1 in 12 chance that any patch will affect the safety or reliability of a control system, and there is a 60% failure rate in patches fixing the reported vulnerability in control system products. In addition, patches often require staff with special skills to be present. In many cases, such experts are often not certified for access to safety regulated industrial sites.
Patches are available for less than 50% of publically disclosed vulnerabilities.
Many critical infrastructure operators are reluctant to patch as it may degrade service and increase downtime.
When patching is not possible, or while waiting for a semi-annual or annual shutdown to install patches, an alternative is to deploy a workaround, also known as a compensating control'. Compensating controls do not correct the underlying vulnerability; instead, they help block known attack vectors. Examples of compensating controls include product reconfigurations, applying suggested firewall rules, or installing signatures that recognize and block malware.
Another compensating control is Tofino Security Profiles, available in Belden's Tofino Security product line. Tofino Security Profiles are rule and protocol definitions that address newly disclosed vulnerabilities. They provide a simple way for automation system vendors to create and securely distribute malware protection. Operators benefit from a single, easy-to-deploy package of tailored rules that can be installed without impacting operations. The result is that critical industrial infrastructure facilities can quickly and effectively defend themselves against new threats.
My research highlights the multiple challenges with patching for SCADA and ICS systems, remarked Eric Byres. To secure facilities, critical infrastructure operators should pursue a Defense in Depth strategy that includes patching when possible, and use compensating controls for protection when patching is not possible.
Starting today, Belden is publishing a series of blog articles on its patching research and is accompanying them with useful documents. These documents include:
Patching for Control System Security - A Broken Model?; a presentation that summarizes its patching research,
Patching for Control System Security - A Broken Model? a peer reviewed published paper,
and Solving the SCADA/ICS Security Patch Problem, a White Paper.
Visit: http://www.tofinosecurity.com/blog/scada-security-welcome-patching-treadmill for the first blog article.
Tofino Security provides practical and effective industrial network security and SCADA security products that are simple to implement and that do not require plant shutdowns. Its products include configurable security appliances with a range of loadable security modules plus fixed function security appliances made for specific automation vendor applications. Tofino Security products protect zones of equipment on the plant floor, and are complementary to Belden's Hirschmann brand, which leads industrial networking solutions. Both groups service and secure industrial networks in the oil and gas, utilities, transportation and automation industries. www.tofinosecurity.com
About Belden
St. Louis-based Belden Inc. designs, manufactures, and sells connectivity solutions for markets including industrial, enterprise, and broadcast. It has approximately 6,700 employees, and has manufacturing capabilities in North America, South America, Europe, and Asia, and a market presence in nearly every region of the world. Belden was founded in 1902, and today is a leader with some of the strongest brands in the signal transmission industry. For more information, visit www.belden.co
Most recent headlines
17/02/2025
TVBEurope talks to the team who brought a piece of broadcasting history back to life on BBC Wales last night
By Jenny Priestley
Published: February 14, 2025 ...
17/02/2025
Eligible studios will receive the relief directly from their local authorities, with no need to submit a claim
By Matthew Corrigan
Published: February 17, 20...
17/02/2025
As DEI initiatives come under pressure in the USA, supporters of Rise, which promotes diversity in the media and entertainment sector, discuss the continuing im...
17/02/2025
EIB Global loan will partially fund SES's continued O3b mPOWER medium earth orbit (MEO) fleet expansion enabling additional capacity worldwide. O3b mPOWER s...
15/02/2025
At Nielsen, Business Resource Groups (BRGs) play a critical role in nurturing a ...
15/02/2025
Innovation to empower creativity: Explore the latest in Lightroom
Rob Christensen February 15, 2025
0 Comments
Whether you want to remove distracting ...
15/02/2025
Wisycom, a worldwide leader in RF technology and provider of wireless solutions, announces a new distribution agreement with EQUAPHON. An Argentinian profession...
15/02/2025
DPA Microphones, the leading manufacturer of high-quality microphone solutions, is pleased to welcome Nicholas Nick Mariano and Vincent Vince Divine to the ...
15/02/2025
Tuxera, a leading provider of quality-assured file systems and networking solutions, will showcase how Tuxera Fusion SMB enables unprecedented performance for m...
15/02/2025
Bitmovin's latest Video Developer Report indicates an increasing role of AI, the slow adoption of next-generation codecs, and continuing challenges when it ...
15/02/2025
When Michelin Enterprises set out to promote its prestigious Hotel Guide in the new Sleepless in the Kitchen , campaign, veteran German/Slovenian gaffer Robert...
15/02/2025
Formula E, the world's first all-electric racing series, revolutionizing motorsport with cutting-edge technology and a commitment to sustainability has sele...
15/02/2025
Agile Content, a global leader in TV and video technology solutions, announces its rebranding to AgileTV.
The transition to AgileTV stems from a commitment to ...
15/02/2025
Hiltron Communications will promote the latest additions to its range of satellite communication products, systems and supporting services at GovSatCom 2025. Th...
15/02/2025
Following the success of the original Airglow Booklight, DoPchoice debuts a new addition to their inflatable line the Float. This lightweight, inflatable, round...
15/02/2025
LAS VEGAS Marshall Electronics has announced that it will debut its newest camera controller, the RCP Plus, at the 2025 NAB Show at Booth N2649 between April 5 ...
15/02/2025
ATLANTA Gray Media has named Blake Sebo as the next general manager of KTUU and KYES, Gray's NBC and CBS affiliates in Anchorage, Alaska....
15/02/2025
KOKKEDAL, Denmark DPA Microphones will feature its new CORE+ technology for distortion-free microphone sound at the 2025 NAB Show, April 5-9, in Las Vegas....
15/02/2025
SWANSEA, U.K. QuickLink will launch StudioPro-NDI and StudioPro-3, two new models of its QuickLine StudioPro video production platform, at the 2025 NAB Show, Ap...
15/02/2025
Live From 2025 NBA All-Star Game Weekend: After 25 Years, Turner Sports All-In F...
15/02/2025
NASCAR Driver Cam on Max Embraces Cloud-Based Workflow for 2025 Season Chris Brown of WBD Sports says Mobii will play key part in delivering signals from the tr...
14/02/2025
Last month, we officially launched the Spotify Partner Program, a powerful new m...
14/02/2025
From an island off the coast of Lutruwita to the global stage in France SBS & ...
14/02/2025
The future of electro-optical/infrared (EO/IR) land systems is evolving so that ...
14/02/2025
Here are 5 reasons why you should attend ISE 2025
Discover more about Calrec: Learn more about Calrec's legacy of innovation in broadcast audio solutions ...
14/02/2025
World Radio Day: On the same wavelength
By Graham Murray, International Sales Manager at Calrec
To mark World Radio Day, Calrec's International Sales Ma...
14/02/2025
DALLAS and TYSONS, Va. Tegna has concluded a broadcast rights agreement that makes Tegna's KFAA in Dallas the exclusive local television partner of the Dall...
14/02/2025
Amazon's Prime Video has released a new app for Apple TV that the streamer said delivers an improved streaming experiences with faster scrolling, improved s...
14/02/2025
CLEVELAND Telos Alliance announced a software update for its Axia Quasar XR and SR line of audio-over-IP (AoIP) mixing consoles and will show the offering at th...
14/02/2025
Puget Systems Returns to HPA Tech Retreat 2025 with New Analysis Tools for Puge...
14/02/2025
Glass Animals: Tour of Earth Uses Blackmagic Live Production Workflow
Brie Clayton February 14, 2025
0 Comments
80six deploys Blackmagic URSA Broadcas...
14/02/2025
A dispute between Paramount and Youtube TV that would have pulled CBS stations and Paramount's cable channels from the streaming service has been temporaril...
14/02/2025
Colourist Deidre (Dee) McClelland details how she helped shape the distinct look and feel of whimsical Oscar-nominated stop-motion film, Memoir of a Snail
By C...
14/02/2025
BitFire said it intends to introduce forward-looking services that simplify the launch of live production workflows, and enhance real-time collaboration
By Jen...
14/02/2025
The claim by the liquidators is the latest twist in the ongoing saga of the companys collapse at the end of 2021
By Matthew Corrigan
Published: February 14, ...
14/02/2025
A carriage dispute between YouTube TV and Paramount could come to a head today (Feb. 13), with the virtual pay TV provider threatening to pull all of the progra...
14/02/2025
ENGLEWOOD CLIFFS, N.J. LG Electronics USA has opened a new in-house, state-of-the-art virtual production studio at its 360,000-square-foot North American headqu...
14/02/2025
NEW YORK In a bid to help local broadcasters find new ways of monetizing their content, the Coalition for Innovative Media Measurement (CIMM) and TVB have relea...
14/02/2025
WASHINGTON Three Democratic U.S. Senators have sent a stern letter blasting FCC Chair Brendan Carr for the weaponization of the agency for attacking broadcast...
14/02/2025
Years after launching the streaming service Apple TV+ in November of 2019, Apple has finally released a version of its steaming app for Android devices....
14/02/2025
FOOTHILL RANCH, Calif. Red Digital Cinema will make its V-RAPTOR [X] and KOMODO-X camera systems available with Nikon's premier Z Mount, providing filmmaker...
14/02/2025
DAYTONA, Fla. The Fox Sports production of this year's Daytona 500 will see the addition of a few new tech elements and the continued unfolding of the broad...
14/02/2025
Watch Bryson Battles Blind Audition on The Voice Get a Four-Chair Turn Michael Bubl said the Boston Conservatory at Berklee musical theater senior might have...
14/02/2025
2025 Daytona 500: FOX Sports Looks To Ride Super Bowl LIX Momentum Into NASCAR S...
14/02/2025
14 Feb 2025
VEON's Kyivstar and the Come Back Alive Foundation Raise USD 2....
14/02/2025
Max Renews THE PITT, Starring Noah Wyle, For A Second Season
Max
Warner Bros. Television Group
The Pitt
New Episodes Of The Medical Drama From John...
14/02/2025
This year, Technicolor proudly celebrates 110 years of shaping the magic of cinema pioneering color, visual effects, and innovation that bring unforgettable l...
14/02/2025
NBA All-Star: More Games, More Teams, More Music, More Sound From the Court Turner Sports' team will deploy familiar tech to capture all the audio By Dan D...
14/02/2025
LIV Golf Continues To Innovate With Drones, Data-Driven Graphics, and All-Access...
ST. LOUIS--(BUSINESS WIRE)--Belden Inc. (NYSE: BDC), a global leader in signal transmission solutions for mission-critical applications, announces that its Tofino Security brand has published new research showing that patching is often ineffective in providing protection from the multitude of vulnerability disclosures and malware targeting critical infrastructure systems today. While patching such systems is important as part of an overall Defense in Depth strategy, the difficulties of patching for industrial systems mean that compensating controls such as Tofino Security Profiles are often a better method of providing immediate protection. 
