OEMs Ignored It, but 12,164 People Didn’t – What’s Next for ICS Security?

Analysis of Feedback on LinkedIn Article: "Back to the 90s – Security Through Obscurity"

My post sparked significant engagement, with 12,164 impressions, 82 reactions, 63 comments, and 45 reposts. It resonated with professionals in ICS security, OT security consulting, cybersecurity authors, and automation engineers. Here's a breakdown of key ideas from the feedback.


1. Strong Agreement on OEM Negligence

  • Many professionals agreed that OEMs are failing to address network monitoring and security gaps in ICS.
  • Some, like Mauro Chiesa, suggested that many OEMs might not even be fully aware of the vulnerabilities.
  • Others, such as Matthew Lloyd-Davies, argued that OEMs absolutely know about these flaws but prioritize their business model over security.

Takeaway: There is a consensus that OEMs are not proactive enough, making this an area worth highlighting in future posts.

OEM negligence, however: what can they do about it if they depend on crappy, limited, sloppy, badly designed operating systems and their libraries?

2. Debate Over Physical Security vs. Cyber Threats

  • Serdar S. pointed out that if an attacker gains unauthorized physical access, cybersecurity alone won’t help.
  • Zacharey Lambert and Gregory Martz agreed, emphasizing that once physical access is granted, all bets are off.
  • Some users took the argument further, stating that a power station should be secured like a bank or a military facility.

Takeaway: While network security is crucial, there is strong industry focus on physical security and insider threats. Future posts could explore how both cybersecurity and physical security must be integrated into risk planning.

Both cybersecurity and physical security must be integrated into risk planning.

3. Concerns About Demonstration Context

  • Several users (Marco Bera, Olivier Houle, Marcel Rick-Cen) questioned the technical details of your attack demo, asking: What exactly happens when the cable is plugged in? Which vulnerabilities are exploited? How does it bypass existing defenses?
  • Marcel Rick-Cen accurately guessed the technical setup (HAK5, keystroke injection, malformed HTTP requests, Siemens S7-1200 crash).
  • Others (Matthew Lloyd-Davies, Harm ter Veer) suggested that such an attack would not be the biggest risk compared to insider threats or remote exploits.

Takeaway: Future posts should clarify the technical aspects of your demonstrations, ensuring that they showcase realistic attack vectors. This could strengthen credibility and drive more productive discussions.

Well, it's very easy to swap ten cables to ten operators ... is there an easier attack vector ;-) ?

4. Discussion on Practical Security Measures

Takeaway: There is room for a more solutions-driven discussion—perhaps a post outlining practical steps companies should take beyond blaming OEMs.

Be ready; have a disaster recovery plan.

5. OEM Accountability & Regulatory Gaps

  • Several comments echoed the broader concerns from your other articles: OEMs exploit their market power. Their updates disrupt ICS stability. They refuse to take responsibility for security flaws.
  • The discussions align with your previous posts about software manufacturers avoiding accountability and the dangers of forced updates.

Takeaway: The lack of accountability in the industry remains a powerful topic that you should continue to address.


What resonated with the audience of this article

  • Challenging OEMs directly: this drew strong reactions and aligned with industry frustrations.
  • Highlighting real ICS security gaps, especially network monitoring, a widely agreed-upon problem.
  • Engagement from top industry professionals, which signals credibility and reach.



