Operational Technology, or OT, including SCADA (supervisory control and data acquisition) and ICS (industrial control systems), is a system of hardware and software designed to monitor and/or control the physical devices, processes, and events used in the production and operations segments of businesses and organizations, including critical infrastructure (CI). OT networks play a critical role in things like production, manufacturing, defense and emergency, food and agriculture, and financial systems. These systems are traditionally kept separate from IT networks, and are often owned, managed, and operated by a different team.
OT devices and networks can be deployed anywhere – inside a manufacturing floor, distributed across a chemical processing plant, or out in the arctic monitoring oil and gas pipelines. These OT systems often perform simple yet essential tasks, such as monitoring a valve and shutting it off when a certain value is triggered. As a result, they can perform their tasks with little change for years, which also means they sometimes run on aging operating systems and obsolete hardware using homegrown applications. Since the goal for an OT system is to run exactly as designed, even patches are only applied if they do not hinder the process of the OT system.
Because these OT architectures run on separate infrastructure, until recently they were isolated from the Internet. One reason is that these systems are often tasked with monitoring and managing the highly sensitive processes associated with critical infrastructure. The other is that these systems can be notoriously delicate: something as benign as an active system scan can cause these devices to fail, and any failure or compromise can have serious if not catastrophic results.
However, new requirements, such as connected power grids, active inventory control, smart environmental control systems, just-in-time manufacturing, and interactive systems tied to Big Data have begun to change all of that.
In addition, companies are looking for productivity improvements and cost savings by implementing such changes as optimizing plant operations, deploying a more flexible operating environment, or establishing a more proactive inventory control system that requires real-time online data. As a result, many of today’s OT systems are transited or tunneled over corporate networks, leverage common internet protocols, run on general-purpose hardware and mainstream operating systems, and are increasingly connected via wireless technologies.
These critical infrastructure systems are also increasingly targeted by cybercriminals, with 51% of critical infrastructure enterprises reporting an OT/SCADA/ICS security breach within the past 12 months.
Critical infrastructure sectors include Chemical, Commercial Facilities, Communications, Critical Manufacturing, Dams, the Defense Industrial Base, Emergency Services, Energy, Financial Services, Food and Agriculture, Government Facilities, Healthcare and Public Health, Information Technology, Transportation Systems, Water and Wastewater Systems, and Nuclear Reactors, Materials, and Waste.
Targeting and taking out a critical infrastructure system has huge appeal for many cybercriminals, especially cyberterrorists or criminal organizations. Motivations include holding systems hostage for a ransom, stock price manipulation (short sell, attack, and reap a “clean” profit), denial of asset or production for strategic or tactical reasons, political awareness or impact, or corporate malfeasance (illegal competitive action).
Unfortunately, not only are many of these now-connected systems quite vulnerable to compromise, but, unlike with IT networks, a failure in one of these sectors can also cause a catastrophic event affecting both human life and property. A successful attack can lead to the disruption, and even destruction, of physical assets and essential services like water, electricity, and fuel.
As the utility, oil and gas, transportation, and manufacturing sectors increasingly adopt connected control systems and Industrial IoT devices, the CI attack surface is rapidly growing. The connected nature of these devices and systems poses serious challenges as they begin to utilize traditionally IT-owned network infrastructure, wireless access points, and mobile networks. At the same time, the specialized nature of OT infrastructure technologies means that most IT security and threat intelligence solutions don’t have visibility into, let alone the ability to defend against, attacks on critical infrastructures.
While securing OT systems requires an integrated approach similar to IT, its objectives are inverted, with availability being the primary requirement, followed by integrity and confidentiality. OT systems are necessarily focused on delivering a particular essential service, such as electricity or water, or maintaining safety systems at chemical plants or dams, and cannot afford to be disrupted even momentarily. Conversely, IT systems are primarily focused on the collection, correlation, and distribution of data, with a primary focus on protecting confidential or personally identifiable information or trade secrets.
Addressing the requirements of an OT network requires an integrated approach comprised of the following elements:
The transition to hyperconnected networks, such as smart cities and connected utility services, is driving the convergence of IT, OT, and IoT networks. To successfully defend these integrated networks, organizations need an architecture that scales across the entire infrastructure to provide unified visibility and control, distributed segmentation, and integrated protection. Protecting and defending today’s critical infrastructures requires a single, unified approach that integrates security solutions into an interactive Security Fabric capable of adapting to and spanning distributed IT environments, while simultaneously providing the advanced capabilities needed to defend their critical OT infrastructure.
This blog first appeared on CSO.com.