Legacy industrial control systems can be manipulated because they lack basic digital encryption
Critical infrastructure remains vulnerable to cyberattacks because legacy industrial control systems rely on unencrypted 1970s protocols, allowing hackers to falsify sensor data and manipulate physical hardware remotely.
Legacy industrial control systems (ICS) utilize Modbus and DNP3 protocols designed in the 1970s and 1980s, which lack the digital encryption necessary to verify the authenticity of commands. This vulnerability allows state-sponsored actors to execute man-in-the-middle attacks, falsifying sensor data by 10 to 20 percent to trigger unsafe valve states in water or gas facilities. Unlike standard IT firewalls that block 99 percent of exploits, these air-gapped networks often fall victim to 500-kilobyte payloads delivered via simple USB vectors.
There's more to this story — open the app to keep reading.