The Complexities Of Operational Technology Make It Vulnerable

A range of critical vulnerabilities affecting hundreds of operational technology (OT) vendors and networks are emerging across various industries, including energy distribution infrastructure, production vehicles and robotics, food and pharmaceuticals.

Typically, these affect operational networks integrated into industrial command and control systems, which, because of their operational complexity, require a high level of sophistication to install cyber security controls.   

The notorious Stuxnet exploit first demonstrated that even air-gapped and heavily supervised networks can be infiltrated, software modified and routine processes sabotaged.  Fifteen years later, the OT environment remains an attack vector due to its environmental complexity.

OT complexity creates broad attack opportunities. These arise from work processes involving reduced interfaces and involvement of IT personnel in working and manufacturing operating environments, and from the difficulty in monitoring operational networks because of the presence of multiple components from different manufacturers and protocols. These also include the ability to import and read different types of protocols into a single, unified screen for cross-referencing and alerting to unusual events. Improving the monitoring capability of OT networks will help improve cyber control and protection in operational networks.

The key to planning controls wisely in the face of risks is an analysis of the network's topology.

The most popular model for this analysis is the Purdue model; another is the Triangular model (based on ISA 95). The advantage of analysing network topology is the ability to associate controls with layers according to the network's hierarchy, which also gives a picture of the state of controls in relation to each layer. One of the trends in recent years is the ability to monitor Level 0, connected with the ability to measure the end physical action. This capacity enables separation and independence in computing and software processes and the ability to manipulate through them. It also makes it possible to use the final result as a measure and control for the process as a whole.
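The Level 0 idea above, as an added example that is not part of the original article: a Python check that compares the value reported through the control software with an independent physical measurement, and alerts when the two disagree or when the reported value stays flat while the process itself moves. The sample readings, thresholds and function name are constructed assumptions.

```python
from statistics import pstdev

# Constructed sample readings: (time in s, value reported by the control
# software / HMI path, value measured independently at Level 0).
SAMPLES = [
    (0, 1064.0, 1063.6),
    (1, 1064.2, 1064.5),
    (2, 1063.9, 1063.8),
    (3, 1064.3, 1064.3),
    (4, 1064.0, 1070.0),   # reported value stops changing from here on
    (5, 1064.0, 1078.0),
    (6, 1064.0, 1084.0),
    (7, 1064.0, 1120.0),
    (8, 1064.0, 1180.0),
]


def level0_alerts(samples, tolerance=0.02, window=3, flat_eps=0.05, move_eps=1.0):
    """Return (timestamp, reason) alerts from reported vs. measured values.

    divergence: reported differs from the physical measurement by more than
                `tolerance` (as a fraction of the measurement).
    frozen:     reported is flat over the last `window` samples while the
                physical measurement is clearly moving.
    All thresholds are illustrative assumptions, not vendor values.
    """
    alerts = []
    for i, (ts, reported, measured) in enumerate(samples):
        if abs(reported - measured) > tolerance * max(abs(measured), 1e-9):
            alerts.append((ts, "divergence"))
        if i + 1 >= window:
            recent = samples[i + 1 - window : i + 1]
            rep_spread = pstdev(s[1] for s in recent)
            mea_spread = pstdev(s[2] for s in recent)
            if rep_spread < flat_eps and mea_spread > move_eps:
                alerts.append((ts, "frozen"))
    return alerts


if __name__ == "__main__":
    for ts, reason in level0_alerts(SAMPLES):
        print(f"t={ts}s: {reason}")
```

On this data the flat-signal check fires one sample before the divergence threshold is crossed, which is the benefit of judging the process by its physical result rather than by what the software reports.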

The adversary’s modes of operation reflect advanced attack competencies and creativity, which are also based on the gathering and use of technologies and tools for preliminary intelligence gathering, the availability of ready-made attack tools on the Dark Net, as well as Zero-Day attack capabilities.

All these require creativity from the defender, and active protection processes that acknowledge the attacker’s capabilities in order to know the gathering methods, such as the use of Shodan, to create robust controls capable of defending the boundaries of OT networks.

Cyber security resilience can be measured, among other parameters, by the period of time and the ability to return to productivity at the work environment after an attack.

Organisations need to adapt quickly to the expansion of cyber security threats in 2022, particularly to protect critical OT infrastructure. As hybrid work has clearly become the norm across industries and more OT devices connect to corporate networks each day, IT and OT security leaders will need to consolidate teams, policies, tools and reporting to both protect their organisations and to comply with the inevitable flood of new regulations coming down the pike.

Sources: Power-Technology, Gartner, Verdict, I-HLS, Forescout, Security Magazine, Infosecurity Magazine, ESET
