Attackers will always find new ways to penetrate systems, and companies are continually assessing how their systems might be attacked and how much money it will cost to protect them. Here, Philippe Willems, engineering manager at Ovarro, the specialist in remote telemetry systems, discusses the enduring challenge for critical infrastructure companies and what it means for suppliers.
According to research by Cybersecurity Ventures, the cost of cybercrime is predicted to hit $8 trillion (€7.36trl) in 2023 and grow to $10.5 trillion (€9.66trl) by 2025.
For any critical infrastructure company, the biggest cybersecurity hazard is an attacker taking control of its IT or operational technology (OT) systems to steal data, or block and disrupt operations. This risk is heightened because many of these companies still use legacy systems installed many years, if not decades, ago. These systems have minimal cybersecurity features, if any. They present a huge digital attack surface, which means there are many pathways along which a would-be attacker can gain unauthorised access to the company’s computers or networks. Protecting this insecure legacy infrastructure may seem like a daunting challenge. The main task for managers for critical infrastructure companies is to update or protect their existing control systems. But how should they go about this? Here are five questions to help these companies protect their systems from attacks.
Who is behind threats and attacks to critical infrastructure, and what are their motives?
There are three main attacker types. Those who hack for the sake of doing it — they are perhaps the least concerning. Then there are attackers who want to block access to computer systems using malicious software, such as ransomware, until a sum of money is paid. The most dangerous and unnoticed threat comes from state-backed attackers, trying to gain access to critical infrastructure in what is called cyber-warfare.
What steps should companies take to protect their systems from attacks?
Companies must first undertake a full assessment of their security systems and asset management to identify the correct steps to protect them. Actions might include replacing existing unsecured equipment with cyber-secure devices using firewalls, segregating IT and OT networks, or blocking unauthorised users from accessing critical operational networks.
How important is collaboration between critical infrastructure companies, and their supply chain partners, to cybersecurity?
Critical infrastructure companies and their suppliers must use the same standards, such as IEC 62443, the International Electrotechnical Commission (IEC) regulations that address cybersecurity for operational technology in automation and control systems.
A remote telemetry specialist partner like Ovarro can provide systems and certified devices that meet IEC 62443, but these must be correctly installed and configured by the system integrator. The owner, the critical infrastructure company, must then enforce best practices from their employees and other authorised users. Unless all these practices are implemented correctly, the cybersecurity of the whole system will remain vulnerable to attacks.
How can companies maintain awareness of emerging threats in their systems?
To minimise the risk of cyberattacks, it is important that cybersecurity incidents and software vulnerabilities are handled in a proper and timely manner.
Likewise, common vulnerabilities and exposures (CVE) allow organisations to keep track of, compare and prioritise vulnerabilities over time. CVEs help companies understand if their compatible products have been reviewed for specific security issues. For instance, if any vulnerabilities are detected in its products or service, Ovarro publishes detailed security advisories to inform its customers of technical details and mitigation information, and direct them to software updates and workarounds.
How important is external product testing?
Ovarro works with cybersecurity specialists for penetration testing and to ensure its products are protected from threats through a continuous process of learning, monitoring and updating. The TBox remote telemetry unit (RTU), for example, includes a firewall that can be used to protect downstream devices in the field and to forbid unauthorised accesses and protocols. In addition, a virtual private network (VPN) is available to add a cybersecure layer of protection.
Even though cyberattackers will continue to find new ways to penetrate systems, by applying these processes to update or protect their existing control systems, managers for critical infrastructure companies can stay one step ahead of evolving cybersecurity challenges.