The Complexities Of Operational Technology Make It Vulnerabe

Uploaded on 2022-01-09 in TECHNOLOGY--Resilience, FREE TO VIEW

A range of critical vulnerabilities affecting hundreds of operational technology (OT) vendors and networks are emerging across various industries, including energy distribution infrastructure, production vehicles and robotics, food and pharmaceuticals.

Typically, these affect operational networks integrated into industrial command and control systems, which, because of their operational complexity, require a high level of sophistication to install cyber security controls.   

The notorious Stuxnet exploit first demonstrated that even air-gapped and heavily supervised networks can be infiltrated, software modified and routine processes sabotaged.  Fifteen years later, the OT environment remains an attack vector due to its environmental complexity.

OT complexity creates broad attack opportunities.  work processes involving reduced interfaces and involvement of IT personnel in working and manufacturing operating environments and due to the difficulty in monitoring operational networks because of the presence of multiple components from different manufacturers and protocols.These also include the ability to import and read different types of protocols into a single, unified screen for cross-referencing and alerting to unusual events. Improving the monitoring capability of OT networks will help better cyber control and protection in operational networks.

The key to planning controls wisely in the face of risks should be based on the analysis of the network’s typology.

The most popular among them is the Purdue model, another model is the Triangular model (based on ISA 95). The advantage of analysing network typology is the ability to associate controls to layers according to the network’s hierarchy and also enables a picture of the state of controls in relation to each layer. One of the trends in recent years is the ability to monitor Level 0, connected with the ability to measure the end physical action. This capacity enables separation and independence in computing and software processes and the ability to manipulate through them. It also enables to base on the final result as a measure and control for the process as a whole.

The adversary’s modes of operation reflect advanced attack competencies, creativity, which is also based on the gathering and use of technologies and tools for preliminary intelligence gathering, the availability of ready made attack tools on the Dark Net, as as well as Zero-Day attack capabilities. 

All these require from the defender creativity, active protection processes that acknowledge the attacker’s capabilities in order to know the gathering methods, such as the use of Shodanto create robust controls capable of defending the boundaries of OT networks. 

Cyber security resilience  can measured, among other parameters, by the period of time and the ability to return to productivity at the work environment after an attack. 

Organisations need to adapt quickly to the expansion of cyber security threats in 2022, particularly to protect critical OT infrastructure. As hybrid work has clearly become the norm across industries and more OT devices connect to corporate networks each day, IT and OT security leaders will need to consolidate teams, policies, tools and reporting to both protect their organisations and to comply with the inevitable flood of new regulations coming down the pike.

Power-Technology:     Gartner:        Verdict:       I-HLS:        Forescout:    Security Magazine

Infosecurity Magazine:       ESET:  

You Might Also Read:

Industrial Companies At Risk As Attacks Double:

 

« Russia Fines Google For Illegal Content Breach
Avoid Being A Victim Of Cyber Crime – Get Audited »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TCPWave

TCPWave

TCPWave IPAM is the world’s first acclaimed DNS/DHCP management software to pass the most stringent Information security tests.

ICT Reverse

ICT Reverse

ICT Reverse is one of the UK’s leading, fully accredited providers of ICT asset disposal and secure data erasure.

Curricula

Curricula

Curricula's cyber security awareness training delivers short relatable security stories to your employees. We make learning cyber security simple and fun.

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet

Technology Ireland ICT Skillnet is a network of companies who collaborate to address skills needs within the technology sector.

iSecurity Consulting

iSecurity Consulting

iSecurity delivers a complete lifecycle of digital protection services across the globe for public and private sector clients.

Sprint Networks

Sprint Networks

Sprint Networks is a trusted compliance and risk program advisor which deliver cost-effective technology to reduce enterprise-wide risk.

Sentor Managed Security Services

Sentor Managed Security Services

Sentor Managed Security Services is a cybersecurity company that enables organizations to exist in a digitally connected world.

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

MoogleLabs

MoogleLabs

MoogleLabs leverage AI/ML, Blockchain, DevOps, and Data Science to come up with the best solutions for diverse businesses.

Assured Clarity

Assured Clarity

Assured Clarity are a global consultancy, specialising in Risk Management and Data Privacy, through Education, Awareness and Training, throughout an organisation.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.

Defendis

Defendis

Defendis develops AI-powered cybersecurity solutions for Government Agencies, Banks, and Businesses, designed to helps them contain data leaks, minimise damage, and proactively hunt for new threats.

Orca Tech

Orca Tech

Orca Tech brings together a portfolio of complimentary vendor in the IT security industry to help provide a complete solution to meet the requirements of our Partners across all sectors.

Continent 8 Technologies

Continent 8 Technologies

Continent 8 Technologies is the leading provider of managed hosting, connectivity, cloud and cybersecurity solutions to the global online gambling industry.

Slide

Slide

Slide is a modern, security-first Business Continuity & Disaster Recovery (BCDR) company built exclusively for Managed Service Providers.

TrustNet

TrustNet

TrustNet helps mid-to-large firms build trust through top-tier cybersecurity, compliance, and consulting—offering complete managed services all in one place.