Is Air Gapping Really a Solution?

by Nigel Stanley, CTO at TUV Rheinland





Operational technology (OT) based solutions – where computerised systems control a physical output or detect a physical effect – have become an area of increased focus for cyberattacks. This is now a real concern for enterprises whose production systems, manufacturing plants, industrial control systems and processing infrastructure are under constant threat.


Cyberattacks are a very real risk. Criminals have identified these OT systems as prime targets because they are often connected to poorly secured networks, and compromising them could bring substantial monetary returns through ransoms, intellectual property theft and espionage.


The ‘retro’ approach to addressing this risk consists of completely disconnecting critical systems not only from the public network, but also from closed internal networks. This approach has gained traction recently with some politicians demanding that critical systems be air-gapped or physically disconnected to defend them from potential attacks.


Unfortunately, this might not be the most effective way to protect operational technology from motivated attackers. It might, in fact, have the counterproductive effect of creating a false sense of security in cybersecurity teams.


Attackers are resourceful


A motivated attacker will find creative ways around most preventative controls, including air gaps. Even without being attached to a wider network, connections abound, and systems light up with data flows, often without the company knowing about it. There are many ways in which cybercriminals can bridge an air gap, some more creative than others, and some not far-fetched at all.


The underestimated, humble USB is an example of how an attacker could bridge OT air gaps. Often seen openl ..
