The increasing frequency and sophistication of successful OT cyberattacks serve as a wake-up call to all asset operators, controls engineering teams, IT network operations, and cybersecurity teams, IT and OT alike. Feeble in-depth defenses from the edge to the data center across proliferating managed and unmanaged devices and assets in today’s manufacturing and utility networks give adversaries an upper hand for easily perpetrating attacks. Ensuring critical safety of life, preventing environmental hazards, and minimizing interruptions to processes and operations are all considerations when securing against today’s cyber threats. To proactively secure mission critical OT, organizations need to consider the following points as they plan their cybersecurity strategies for 2022 and beyond.

Several factors have contributed to the massive expansion of the global cyberattack surface. The move toward Industry 4.0, with its emphasis on process automation and real-time data gathering and exchange, plays an outsized role. Existing circumstances are ripe for a tsunami of attacks against ICS, OT, IIoT, and IoT systems that are no longer proprietary, isolated, or on air-gapped networks. With IT/OT convergence, interconnected control systems now commingle with IT boundary business networks, leading to additional security risks from cross-contamination of traffic from LAN, WAN, Internet, Wi-Fi, control networks, and CIP protocols.

The problem is that in most OT ecosystems cybersecurity hygiene is limited. And typical security measures, such as AV, EDR, SIEM, SOAR, and SSO solutions, including authentication, authorization, and auditing (AAA) services, are of little use. Asset owners need to establish effective tactics, techniques, and procedures (TTPs) that are purpose-built for OT. And these efforts require a mindset shift in security principles based on OT priorities (availability, integrity, confidentiality) rather than the opposite.

#2: Ransomware as a cyber weapon of choice

Ransomware has been around for almost two decades, but it’s definitely not old news. The ease of ransomware services combined with its profitability potential and the remote nature of work throughout the COVID-19 pandemic has made ransomware a go-to weapon for attackers. The Department of the Treasury reported that the $590 million in ransomware activity during the first six months of 2021 completely eclipsed the $416 million in activity for the entirety of 2020. The evidence in 2021 showed that criminal threat actors are using machine learning and relying on the coordinated sharing of exploits on the dark web to increase their phishing exploit sophistication. The evolution of cryptocurrencies has made matters worse by allowing criminals to easily hide digital payouts with little risk of intervention from law enforcement.

Government regulations are rapidly advancing in response to organizational shifts toward more remote operations during the pandemic. This dynamic may create more challenges for OT operations. The government has provided clear guidance on secure design and risk assessments through the ISA/IEC 62443, NERC CIP, NIST 800-53, ISO 27001, TSA Pipeline, DHS CFATS, and ISA S99 series of standards. All these specifications point to the standardized NIST Cybersecurity Framework (CSF), which many organizations have yet to adopt. To counter cyber threats and address OT/IT convergence, critical infrastructure ICS asset owners should apply a comprehensive risk framework including standard concepts such as security by design, defense-in-depth, and Zero Trust.