The Complexities Of Operational Technology Make It Vulnerabe

Uploaded on 2022-01-09 in TECHNOLOGY--Resilience, FREE TO VIEW

A range of critical vulnerabilities affecting hundreds of operational technology (OT) vendors and networks are emerging across various industries, including energy distribution infrastructure, production vehicles and robotics, food and pharmaceuticals.

Typically, these affect operational networks integrated into industrial command and control systems, which, because of their operational complexity, require a high level of sophistication to install cyber security controls.   

The notorious Stuxnet exploit first demonstrated that even air-gapped and heavily supervised networks can be infiltrated, software modified and routine processes sabotaged.  Fifteen years later, the OT environment remains an attack vector due to its environmental complexity.

OT complexity creates broad attack opportunities.  work processes involving reduced interfaces and involvement of IT personnel in working and manufacturing operating environments and due to the difficulty in monitoring operational networks because of the presence of multiple components from different manufacturers and protocols.These also include the ability to import and read different types of protocols into a single, unified screen for cross-referencing and alerting to unusual events. Improving the monitoring capability of OT networks will help better cyber control and protection in operational networks.

The key to planning controls wisely in the face of risks should be based on the analysis of the network’s typology.

The most popular among them is the Purdue model, another model is the Triangular model (based on ISA 95). The advantage of analysing network typology is the ability to associate controls to layers according to the network’s hierarchy and also enables a picture of the state of controls in relation to each layer. One of the trends in recent years is the ability to monitor Level 0, connected with the ability to measure the end physical action. This capacity enables separation and independence in computing and software processes and the ability to manipulate through them. It also enables to base on the final result as a measure and control for the process as a whole.

The adversary’s modes of operation reflect advanced attack competencies, creativity, which is also based on the gathering and use of technologies and tools for preliminary intelligence gathering, the availability of ready made attack tools on the Dark Net, as as well as Zero-Day attack capabilities. 

All these require from the defender creativity, active protection processes that acknowledge the attacker’s capabilities in order to know the gathering methods, such as the use of Shodanto create robust controls capable of defending the boundaries of OT networks. 

Cyber security resilience  can measured, among other parameters, by the period of time and the ability to return to productivity at the work environment after an attack. 

Organisations need to adapt quickly to the expansion of cyber security threats in 2022, particularly to protect critical OT infrastructure. As hybrid work has clearly become the norm across industries and more OT devices connect to corporate networks each day, IT and OT security leaders will need to consolidate teams, policies, tools and reporting to both protect their organisations and to comply with the inevitable flood of new regulations coming down the pike.

Power-Technology:     Gartner:        Verdict:       I-HLS:        Forescout:    Security Magazine

Infosecurity Magazine:       ESET:  

You Might Also Read:

Industrial Companies At Risk As Attacks Double:

 

« Russia Fines Google For Illegal Content Breach
Avoid Being A Victim Of Cyber Crime – Get Audited »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Digital Forensics Inc (DFI)

Digital Forensics Inc (DFI)

Digital Forensics Inc. is a nationally recognized High Technology Forensic Investigations and Information System Security firm

Qualitèsoft Technology

Qualitèsoft Technology

Qualitèsoft Technology is a leading Software Development and Quality Assurance organization. We specialize in Custom Development, Mobile Application, Software Testing and Quality Assurance.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

D-Fence

D-Fence

D-Fence high availability security service protects corporate email communication, the company and it's employee's against cyber threats.

Vitrociset

Vitrociset

Vitrociset design complex systems for defence, homeland security, space and transport. Activities include secure communications and cybersecurity.

Cyber Execs

Cyber Execs

Cyber Execs is a Cyber Security Consultancy & Executive Recruitment firm.

NuSummit

NuSummit

NuSummit (formerly NSEIT) specializes in empowering financial services firms to navigate complex challenges with cutting-edge, technology-driven solutions.

Samoby

Samoby

Samoby provide a subscription solution for Mobile Threat Protection and usage control on Android and iOS devices.

Intel Capital

Intel Capital

Intel Capital, Intel's strategic investment organization, backs innovative technology startups and companies worldwide. We invest in a broad range of hardware, software, and services.

TRU Staffing Partners

TRU Staffing Partners

TRU Staffing Partners is an award-winning contract staffing and executive search firm for cybersecurity, eDiscovery and privacy companies and professionals.

The Security Bulldog

The Security Bulldog

The Security Bulldog distills and assimilates open source cyber intelligence to enable security teams to understand threats more quickly, make better decisions, and accelerate detection and response.

MyKRIS Asia

MyKRIS Asia

MyKRIS specialise in providing and managing Internet network services and cyber security services to enterprises.

Silobreaker

Silobreaker

Silobreaker is a SaaS platform that enables threat intelligence teams to produce high-quality and relevant intelligence at a faster pace.

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group)

Eleviant Tech (CTG Group) is a USA based digital transformation company with expertise in Mobile, Cloud, Web, IoT, AR, RPA, Cyberseurity and AI Technologies.

Cytracom

Cytracom

Cytracom delivers powerful yet intuitive solutions that enable MSPs and ITSPs to meet the challenges of security, compliance, and connectivity.