Prior to the age of the internet, industrial control systems were naturally “air gapped,” meaning that no one could easily disrupt day-to-day operations. However, modern industrial control systems (ICS) now interface with a variety of networks and devices, presenting a host of industrial control systems security vulnerabilities.
Does industrial control systems security sound like a snooze? For those who are new to the topic, this type of infrastructure ensures that traffic lights function properly, that our water systems are safe, and that hospitals, data centers and office building can keep the lights on. Literally.
When the SolarWinds attack hit, 25% of North American utility companies were affected. How can industrial control groups ensure that they’re not the next attack sector in the news cycle? Incursions can go undetected for long lengths of time. Prevention and a resilient cyber security posture are critical countermeasures.
The most well-known ICS attack occurred on May 6th of this year, and affected Colonial Pipeline Co, a US-based fuel transport group. Some described the attack as the “most disruptive cyberattack on record.” Forensics teams determined that hackers accessed systems via a stolen password. This had been discovered within an aggregate of leaked passwords on the dark web.
Ransomware threats for ICS are growing
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) released a fact sheet highlighting the realities of ransomware threats in 2021 in relation to operational technology (OT) assets and industrial control systems.
“Given the importance of critical infrastructure to national security and America’s way of life, accessible OT assets are an attractive target for malicious cyber actors” says CISA.
These individuals are “seeking to disrupt critical infrastructure for profit or to further other objectives. As demonstrated by recent cyber incidents, intrusions affecting IT networks can also affect critical operational processes even if the intrusion does not directly impact an OT network,” CISA continued.
According to Check Point Software, US utility groups experienced 300 cyber attacks per week across a recent two-month timeframe. Ransomware attacks are especially concerning, as they could have long-lasting and severe real-world consequences.
How industrial control systems should protect against ransomware attacks
Infrastructure groups can take strategic steps to avoid and brace for ransomware attacks. In a new fact sheet, CISA provides detailed guidance. Key points about the preparation phase:
- Industrial groups should assess reliance on IT infrastructure.
- Leaders should develop resilience plans.
- All players should understand how to execute an incident response plan.
- Organizations should develop routine data backup procedures for both IT and OT networks.
This is really just the tip of the iceberg. The next section of the fact sheet, about mitigation, is must-read material.
Expert cyber security tips
- Prevention starts with OT/IT network segmentation. This will arrest hackers’ movements as they attempt to maneuver across a network.
- Avoid zero day exploit attacks through threat prevention. Protect devices from zero day attacks through virtual patching and ensure that your organization continually retains access to high-level threat intelligence platforms.
- Zero trust security policies can thwart threats. Know who needs access to which systems, and to what degree. Zero trust policies that are customized and carefully implemented can instantly minimize risk exposure.
For additional expert insights into securing industrial control systems, watch this webinar. Learn about defense-in-depth, security settings, and best practices that can help improve your security posture.
Also–Sign up for a free demo to discover how a comprehensive cyber security solution can keep critical infrastructure systems secure. Top-tier technologies can make a difference in the long-term security and integrity of your environment.
Lastly, be sure to check out Cyber Talk’s past coverage of industrial control system concerns, here.