For many years the traditional information technology (IT) and operations technology (OT) systems remained distinct domains managed by different corporate resources, but this paradigm is undergoing a radical change as OT systems now are connected to the same networks as IT resources with Internet Protocol (IP) addresses and exposed control or management interfaces.
In the past, OT systems ran on dedicated networks or were serially connected on their own bus, using exotic and poorly understood protocols such as DNP and Modbus. Traditional network security devices were unable to “see” or manage these devices. Now these devices are being connected to the traditional network or, in some cases, even to the Internet in order to enable anytime, anywhere access on demand. This convenience, however, is not without substantial risk to both the IT and OT systems.
As we witnessed with STUXNET, Flame and other related malware, the jump from IT to OT is happening in front of our eyes, sometimes with catastrophic outcomes. Much of the OT world has been neither trained nor prepared to manage this new set of operational cyber risks and as such is often an easy target for skilled hackers.
Perhaps more alarming, many of these OT systems reside on hospital floors, in control rooms and in transportation systems, and control the electrical grids of many countries. So when attacks occur or the SCADA/Industrial Control Systems are compromised, the hackers may inflict physical damage on anything from a small to a mass scale.
While one may argue that remote access to and monitoring of these critical systems is important to ensure remote management and data analytics, the risks are real. What makes these OT systems more difficult to secure is how they differ from classical IT resources, where “private information” is usually the focus of protection at all layers, from people to firewalls. With OT systems, it’s the integrity of the command sets, logic and access to perform changes to the programmable logic that’s at risk.
Still more concerning is the fact that most companies are still playing catch-up on the traditional IT areas such as ISO 27002, PCI-DSS, HIPAA and related security best practices. Preparedness for an OT attack is very limited, if it exists at all. Much of the OT infrastructure sits outside the datacenter and may not fall under the umbrella of the CIO or chief information security officer (CISO). It therefore may represent a “shadow” infrastructure, one in which there is limited visibility and potential for significant risk and damage.
With the emergence of the “Internet of Things” (IoT), traditional security vendors are starting to secure this shadow operational IT infrastructure. New firewall technology, intrusion detection and other measures are being developed to address the next generation of the Internet where these devices are part of the fabric.
In a series of follow-on blog posts, we will explore the methods, tools and services being deployed to protect the next generation of Internet where websites co-exist with systems that control critical infrastructure.
In the meantime, feel free to browse our solutions that can help you protect your equipment and systems.
Conversation
Rudi Schubert
11 years ago
In present days people must know about the most important topic like free energy consumption. Mr. Rudi Schubert writes a small note but brief summary about this topic.
Michael Trinca
10 years ago
I wish to sign up for the email newsletter. The link does not work from my PC.
Nick Blandford
10 years ago
Hi Michael – Please try the link again. If it still doesn’t work, please copy and paste this URL into your browser – https://preferences.schneider-electric.com
Thanks
Paul Forney
10 years ago
Awesome capture of the cyber-state of our market, George. I will share this out. So many in our industry think that control systems are isolated and not on the Internet, or safe behind firewalls. Just Google Shodan to get a better perspective on this misconception. The bridge between OT and IT needs help in both directions. A good place to get the updated vocabulary for both groups is the GICSP certification.
Rob van den Bos
8 years ago
A true source of adequate information