The Growing Threat of Insecure Industrial Control Systems and the Importance of Multi-Factor Authentication
By Matthew Schaefer on March 7, 2025
Executive Summary
Weak authentication mechanisms cause Industrial control systems (ICS) to be susceptible to cyber threats. Successful attacks against ICS cause operational disruptions, payment losses, and safety threats against critical infrastructure. Multi-Factor Authentication (MFA) requires multiple forms of identity verification to enhance security, reducing the risk of unauthorized access. MFA should be implemented to better shield the ICS environment and improve resilience against cyber threats [2].
Background
Industrial control systems (ICS) manage services, such as power, water supply, and manufacturing procedures, that are critical to society. Traditionally, these use single-factor authentication. This makes them more vulnerable since many of these industrial facilities continue to operate on legacy systems designed without cybersecurity in mind [4].
To remediate this problem, engineers started to implement Multi-Factor, or MFA, which is a combination of at least two ways of proving someone’s identification, like a password, security token, or biometrics. Studies show that MFA reduces the risk of unauthorized access [3]. Unfortunately, some ICS face implementation challenges due to legacy incompatibility. Advancing cybersecurity solutions pave ways for industrial users to enhance security without interrupting operations [1].
Effects
Weak authentication mechanisms in ICS pose a serious cybersecurity threat to industrial infrastructures. It can increase systems’ attack surface causing disruption of essential services. This is a weakness in authentication because it allows the adversaries to use various attack techniques, privilege escalation, and remote control of an industrial system that leads to production downtime and economic damage and, in some cases, even physical harm.
Mitigation
ICS should adopt MFA as a basic security measure to counter the risk of unauthorized access. Multi-Factor Authentication is a process that requires that users confirm their identity based on at least two of the following factors: something the user knows (a password), something the user possesses (a security token or mobile device), or something defined by the user’s biology (biometric data). This greatly reduces the possibility of unauthorized entry to sensitive systems and facilities.
Relevance
One trending tactic used by cybercriminals is called Living Off the Land (LOTL). This attack makes use of the built-in tools in a system to avoid detection. This makes it much harder for traditional protection to defend against. Without good authentication defenses, ICS becomes quite vulnerable to those threats which risk national security, public safety, and economic stability.
References
[1] Dragos. (2025, January 14). The 2025 Dragos OT Cybersecurity Year in Review is Coming Soon. The Dragos Blog. https://www.dragos.com/blog/the-2025-dragos-ot-cybersecurity-year-in-review-is-coming-soon/
[2] Kennedy, A. (2023, February 27). Multifactor Authentication: Opportunities and Challenges. Bank Policy Institute. https://bpi.com/multifactor-authentication-opportunities-and-challenges/
[3] McDade, M. (2025, January 3). Multi-Factor Authentication (MFA) Statistics You Need To Know In 2025. Expert Insights. https://expertinsights.com/insights/multi-factor-authentication-statistics/
[4] Reiter, A. (2023, February 27). Multi-Factor Authentication for Industrial Use Cases? Siemens. https://blog.siemens.com/2023/02/multi-factor-authentication-for-industrial-use-cases/
-
New Cybersecurity Regulations Pose Major Shifts for ICS Operators
New Cybersecurity Regulations Pose Major Shifts for ICS Operators
4/4/2025 -
New Threats in Familiar Code: Open-Source Risks in ICS
New Threats in Familiar Code: Open-Source Risks in ICS
4/4/2025 -
The MOVEit Data Breach: Understanding the Risks and Mitigation Strategies
The MOVEit Data Breach: Understanding the Risks and Mitigation Strategies
3/14/2025