The Complexities Of Operational Technology Make It Vulnerabe

Uploaded on 2022-01-09 in TECHNOLOGY--Resilience, FREE TO VIEW

A range of critical vulnerabilities affecting hundreds of operational technology (OT) vendors and networks are emerging across various industries, including energy distribution infrastructure, production vehicles and robotics, food and pharmaceuticals.

Typically, these affect operational networks integrated into industrial command and control systems, which, because of their operational complexity, require a high level of sophistication to install cyber security controls.   

The notorious Stuxnet exploit first demonstrated that even air-gapped and heavily supervised networks can be infiltrated, software modified and routine processes sabotaged.  Fifteen years later, the OT environment remains an attack vector due to its environmental complexity.

OT complexity creates broad attack opportunities.  work processes involving reduced interfaces and involvement of IT personnel in working and manufacturing operating environments and due to the difficulty in monitoring operational networks because of the presence of multiple components from different manufacturers and protocols.These also include the ability to import and read different types of protocols into a single, unified screen for cross-referencing and alerting to unusual events. Improving the monitoring capability of OT networks will help better cyber control and protection in operational networks.

The key to planning controls wisely in the face of risks should be based on the analysis of the network’s typology.

The most popular among them is the Purdue model, another model is the Triangular model (based on ISA 95). The advantage of analysing network typology is the ability to associate controls to layers according to the network’s hierarchy and also enables a picture of the state of controls in relation to each layer. One of the trends in recent years is the ability to monitor Level 0, connected with the ability to measure the end physical action. This capacity enables separation and independence in computing and software processes and the ability to manipulate through them. It also enables to base on the final result as a measure and control for the process as a whole.

The adversary’s modes of operation reflect advanced attack competencies, creativity, which is also based on the gathering and use of technologies and tools for preliminary intelligence gathering, the availability of ready made attack tools on the Dark Net, as as well as Zero-Day attack capabilities. 

All these require from the defender creativity, active protection processes that acknowledge the attacker’s capabilities in order to know the gathering methods, such as the use of Shodanto create robust controls capable of defending the boundaries of OT networks. 

Cyber security resilience  can measured, among other parameters, by the period of time and the ability to return to productivity at the work environment after an attack. 

Organisations need to adapt quickly to the expansion of cyber security threats in 2022, particularly to protect critical OT infrastructure. As hybrid work has clearly become the norm across industries and more OT devices connect to corporate networks each day, IT and OT security leaders will need to consolidate teams, policies, tools and reporting to both protect their organisations and to comply with the inevitable flood of new regulations coming down the pike.

Power-Technology:     Gartner:        Verdict:       I-HLS:        Forescout:    Security Magazine

Infosecurity Magazine:       ESET:  

You Might Also Read:

Industrial Companies At Risk As Attacks Double:

 

« Russia Fines Google For Illegal Content Breach
Avoid Being A Victim Of Cyber Crime – Get Audited »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyren

Cyren

Cyren is a cloud-based, Internet security technology company providing threat detection and security analytics.

Centre for International Governance Innovation (CIGI)

Centre for International Governance Innovation (CIGI)

CIGI research areas include Conflict Management & Security which encompass cyber security and cyber warfare.

Bastille

Bastille

Bastille’s patented software and security sensors bring visibility to devices emitting radio signals (Wi-Fi, cellular, IoT) in your organization.

Dubex

Dubex

Dubex is Denmark's leading business-oriented IT security specialist.

Cyber Exchange

Cyber Exchange

Cyber Exchange provides a focal point for UK organisations connected with, or with an interest in, cyber security to connect, engage and collaborate.

AFCON Control & Automation

AFCON Control & Automation

AFCON is a leading global provider of software solutions and services for the smart management of Control & Automation systems in the age of Digital Transformation.

SGCyberSecurity

SGCyberSecurity

SGCyberSecurity is Singapore's No.1 Cyber Security portal. From this platform, you will be able to find useful articles, resources and connect with the security companies for your business needs.

GuardiCore

GuardiCore

GuardiCore is an innovator in internal data center security and breach detection and is transforming security inside data centers and clouds.

Niagara Networks

Niagara Networks

Niagara Networks is a Network Visibility industry leader, with emphasis in 1/10/40/100 Gigabit systems and mission-critical IT and security appliances.

Virgil Security

Virgil Security

Virgil Security provides easy-to-deploy and easy-to-use cryptographic software and services for use by developers and end-users.

GCHQ Apprenticeships

GCHQ Apprenticeships

GCHQ, the UK intelligence and security organisation, offers a unique three-year Cyber Security Degree Apprenticeship with employment on successful completion.

Skudo

Skudo

Skudo is dedicated to creating innovative best-in-class solutions that protect data exchange with the highest level of security and privacy.

Global Cybersecurity Institute - Rochester Institute of Technology (RIT)

Global Cybersecurity Institute - Rochester Institute of Technology (RIT)

At RIT’s Global Cybersecurity Institute, we educate and train cybersecurity professionals; develop new cybersecurity and AI-based knowledge for industry, academia, and government.

Forta

Forta

Forta is a real-time detection network for security & operational monitoring of blockchain activity.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

KnoTra Global

KnoTra Global

KnoTra Global is a next-generation Managed Service provider with a portfolio of services including Cybersecurity Solutions, Network Management, IT Leadership, and Day-to-Day Helpdesk and IT services.