Convergence of OT and IT:
The convergence of OT and IT defines the progress of most digital transformation projects, bringing in technological advancements across business models and decision-making levels. Where most shop floors were forced to shut down, the integration of IT and OT played a significant role during the ongoing pandemic, helping manufacturers, critical infrastructure segments, and enterprises get back on their feet quickly.
While this achievement was by no means an easy task, the number of attack surfaces it opened up was a big win for hackers. An instance of such an attack was when a spear phishing attack led to a power outage impacting 200,000 people and crippling an entire electric grid for more than 6 hours. How? The threat actor was able to get into the IT network and move laterally to identify the critical OT networks, taking control of the SCADA systems operating in the plant, after which the electrical breakers of substations were opened to wreak havoc. Such attempts to disrupt, hold to ransom, and monetize are only set to get more sophisticated in the coming year. A robust OT security vendor like Sectrio with the right tools to not only mitigate but to set up a comprehensive cybersecurity program in your organization is a must-have.
Foreign threats and Physical devices:
With the emergence of the new waves of the ongoing pandemic, the fatigue and stress of remote/hybrid work brought in challenges of their own, resulting in another easy-to-exploit attack surface. While an air-gapped system appears to be the ultimate indicator of security, the threat to such systems can come from inside. Social engineering and dead drops help threat actors achieve their targets. These attempts come in various forms, such as a USB stick with a ready-to-inject payload and physical devices connected to networks. Devices like a printer, coffee machine, or even your keyboard and mouse connected to your network can be an easy target. Once compromised, these devices are weaponized to infiltrate the networks, giving the threat actors the visibility and movement required to achieve their targets.
A known example of such an attack would be the infamous Stuxnet. Here the infiltration of a highly secure and air-gapped system of a nuclear power plant gave the threat actor the ability to amend a specific set of programs in PLCs, enabling the centrifuges to spin rapidly, causing physical damage to the devices. The severity of such attacks can be compounded by disabling the SIS, or Safety Instrumented System, the last line of automated defense in industrial facilities to prevent any catastrophic damage or even incidents that can put lives at risk. TRITON is one such malware that can shut down the SIS.
In the coming days, more attempts to evade device visibility, sophisticated malware workflows infecting many networks, USB sticks carrying fileless malware, and much more are expected to make their presence felt in the world of OT.
We at Sectrio urge all to stay vigilant, stay updated with the latest cyber threat intelligence, and make use of the micro-segmentation and risk management modules designed to secure your operations without any compromises in security.
2022 and compliance:
As expected, with the rising levels of sophistication and the volume of forecasted attacks in the days ahead, compliance mandates set by governments, industry leaders, and independent organizations are likely to be enforced rigorously. Overconfidence in one’s security posture, or the lack of one, can have impacts that ripple out to innocent ‘bystanders’ when the necessary insights and rigorous audits to secure gaps in networks and patch unpatched vulnerabilities are missing. Sectrio has been helping organizations comply with cybersecurity mandates and policies and adhere to the best practices in the industry. Take a look at the compliance kits section of our website to find curated documents and information that will help you get your security posture headed in the right direction.
Stay safe and have a wonderful holiday season and a very happy new year!