The risk of attacks against ICCP servers is high and can have severe implications. Protecting the ICCP server mitigates the attacker’s possibility to propagate the attack over the network and special solutions are needed to do so.
Different attack scenarios are plausible against ICCP servers, each with a different level of impact:
- Eavesdropping or tampering with process control data.
- Denial-of-service attacks, or remote code execution in the ICCP server application. By exploiting vulnerabilities in the implementation, and consequently disrupting the availability and/or integrity of the server.
- Arbitrary code execution on the ICCP server machine. By exploiting vulnerabilities in the implementation of the ICCP application, or in any other services running in the machine, arbitrary code is executed, privileges are escalated, and consequently the machine is taken over. New attacks can thereafter be launched against either the local SCADA/ICS systems or against other ICCP servers.
Read this solution description and learn how to protect your ICCP server!
