Operating Technology Security Issues Are Increasing

Operational Technology (OT) and Industrial Control Systems (ICS) have become more and more vulnerable to cyber attacks. 

As more cyber-physical manufacturing systems become connected, accessibility to these networks from the Internet and the cloud requires defenders to have timely, useful vulnerability information to inform risk decisions. 

OT cyber security refers to the software, hardware, practices, personnel, and services deployed to protect operational technology infrastructure, people, and data. As data collection and analysis become more important and as IT and OT converge to enable “big data” initiatives, it has become necessary to reassess cyber security best practices for protecting OT.

Industrial Control System (ICS) security is defined as the protection of industrial control systems from threats from cyber attackers. It is often referred to as OT security or security. It includes a wide range of practices including asset inventory & detection and vulnerability management.

ICS (or ) Security is growing in importance as cyber attacks increasingly focus on physical processes for either ransom or to cause harm to critical production systems.

Attacks such as those at the Oldsmar water treatment plant, the various ransomware attacks on the vaccine supply chain, and the more extensive threats to the Ukrainian and US power grids and oil refineries in the Middle East generate greater worry for boards, governments, and operators of industrial organisations.

There was a significant increase in ICS vulnerabilities during the second half of 2021, with a 25% increase from the previous six months. 50% of vulnerabilities reported in the four-year period were disclosed by third-party companies, and a majority of these were discovered by researchers at cybersecurity companies. This saw them shift their focus to include ICS alongside IT and IoT security research.

Non-OT products made up 34% of ICS vulnerabilities reported in 2021, and that indicates a trend of businesses merging OT, IT and IoT under a single security umbrella.

The experts at ICS security firm Claroty suggest calling a world devoid of distinctions between operational tech, informational tech and Internet of things devices the “extended Internet of things” (XIoT), “an umbrella term that captures the cyber-physical systems critical to our lives.”

The risks associated with connecting OT, ICS and IoT networks to Internet-facing systems go beyond devices and endpoints. 

  • 87% of all ICS vulnerabilities reported in 2H 2021 were considered low complexity, meaning an attacker doesn’t need any special conditions and can expect repeated success.
  • 63% of vulnerabilities disclosed in the same timeframe could be executed remotely, and 53% gave attackers the ability to remotely execute code.
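The two traits in these figures can be read directly from an advisory's CVSS vector, which lets a defender rank what to patch or isolate first. The sketch below is an added example, not taken from the Claroty report: it assumes "low complexity" corresponds to CVSS v3 Attack Complexity Low (`AC:L`) and "remote" to the Network attack vector (`AV:N`), and the advisory IDs and vectors are constructed sample data.

```python
# Added example. Advisory IDs and vectors are constructed sample data.
SAMPLE_ADVISORIES = {
    "ADV-0001": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "ADV-0002": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "ADV-0003": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
    "ADV-0004": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
}

def parse_vector(vector):
    """Split a CVSS v3.x vector string into a {metric: value} dict."""
    prefix, _, rest = vector.partition("/")
    if not prefix.startswith("CVSS:3."):
        raise ValueError(f"not a CVSS v3.x vector: {vector!r}")
    metrics = {}
    for part in rest.split("/"):
        key, sep, value = part.partition(":")
        if not (key and sep and value):
            raise ValueError(f"malformed metric {part!r} in {vector!r}")
        metrics[key] = value
    missing = {"AV", "AC", "PR"} - metrics.keys()
    if missing:
        raise ValueError(f"{vector!r} lacks {sorted(missing)}")
    return metrics

def priority(metrics):
    """Rank by reachability (assumed mapping: remote = AV:N, low complexity = AC:L)."""
    remote = metrics["AV"] == "N"          # exploitable over the network
    low_complexity = metrics["AC"] == "L"  # no special conditions required
    if remote and low_complexity and metrics["PR"] == "N":
        return 1   # unauthenticated, remote, repeatable: patch or isolate first
    if remote and low_complexity:
        return 2   # remote and repeatable, but needs an account
    return 3       # needs adjacency, local access or special conditions

def triage(advisories):
    """Return (advisory_id, priority) pairs, most urgent first."""
    ranked = [(adv, priority(parse_vector(vec))) for adv, vec in advisories.items()]
    return sorted(ranked, key=lambda item: (item[1], item[0]))

def exposure_summary(advisories):
    """Percentage of advisories that are low complexity / network reachable."""
    parsed = [parse_vector(vec) for vec in advisories.values()]
    pct = lambda n: round(100 * n / max(len(parsed), 1))
    return {"low_complexity": pct(sum(m["AC"] == "L" for m in parsed)),
            "remote": pct(sum(m["AV"] == "N" for m in parsed))}

if __name__ == "__main__":
    print(triage(SAMPLE_ADVISORIES))
    print(exposure_summary(SAMPLE_ADVISORIES))
```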

The recommendation is for organisations to segment the network. “Network segmentation is the top step, and should be a top consideration for defenders ahead of other options on our list,” say Claroty.

Organisations should configure virtual zones so they can be easily managed remotely, give each zone policies tailored to the specific needs of its users, and be sure they retain the ability to inspect traffic, including OT protocols.
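One way to check that zone policies are holding is to compare observed flows against the conduits each zone pair is permitted. This is an added example, not Claroty's tooling: the zone names, address ranges, allowed conduits and flow records are all hypothetical and constructed for illustration.

```python
import ipaddress

# Hypothetical zones and conduits, constructed for this example.
ZONES = {
    "corporate-it": ipaddress.ip_network("10.10.0.0/16"),
    "ot-dmz":       ipaddress.ip_network("10.20.0.0/24"),
    "control":      ipaddress.ip_network("10.30.0.0/24"),
}
# Per-zone-pair policy: only these (protocol, destination port) pairs may cross.
ALLOWED_CONDUITS = {
    ("corporate-it", "ot-dmz"): {("tcp", 443)},  # HTTPS to a DMZ historian
    ("ot-dmz", "control"):      {("tcp", 502)},  # Modbus/TCP polling from the DMZ
}
# OT protocol ports named explicitly when they show up outside a conduit.
OT_PORTS = {502: "Modbus/TCP", 44818: "EtherNet/IP", 20000: "DNP3"}

def zone_of(ip):
    """Map an address to its zone; anything unlisted is treated as external."""
    addr = ipaddress.ip_address(ip)
    for name, network in ZONES.items():
        if addr in network:
            return name
    return "external"

def evaluate(flow):
    """Return (verdict, reason) for one flow record."""
    src, dst = zone_of(flow["src"]), zone_of(flow["dst"])
    if src == dst and src != "external":
        return "allow", f"intra-zone ({src})"
    if (flow["proto"], flow["dport"]) in ALLOWED_CONDUITS.get((src, dst), set()):
        return "allow", f"conduit {src} -> {dst}"
    label = OT_PORTS.get(flow["dport"], f"{flow['proto']}/{flow['dport']}")
    return "deny", f"{label} from {src} to {dst} is outside policy"

def violations(flows):
    """Return (flow, reason) for every flow that crosses zones outside policy."""
    return [(f, reason) for f in flows
            for verdict, reason in [evaluate(f)] if verdict == "deny"]

# Constructed flow records (documentation and private address ranges only).
SAMPLE_FLOWS = [
    {"src": "10.10.4.7",   "dst": "10.20.0.5",  "proto": "tcp", "dport": 443},
    {"src": "10.20.0.5",   "dst": "10.30.0.12", "proto": "tcp", "dport": 502},
    {"src": "10.10.4.7",   "dst": "10.30.0.12", "proto": "tcp", "dport": 502},
    {"src": "203.0.113.9", "dst": "10.30.0.12", "proto": "tcp", "dport": 44818},
    {"src": "10.30.0.12",  "dst": "10.30.0.13", "proto": "tcp", "dport": 502},
]

if __name__ == "__main__":
    for flow, reason in violations(SAMPLE_FLOWS):
        print(flow["src"], "->", flow["dst"], ":", reason)
```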

Claroty / Team82: Mission Secure: I-HLS: Security Brief: ZDNet: Verve Industrial:
