In her article for SDXCentral, Managing Editor Jessica Lyons Hardcastle put it simply – “it’s been a doozy of a past 12 months.” 2021 certainly taught us about our resiliency as a society as we continued to face the twists and turns of the pandemic. But 2021 also taught us that the cybersecurity of our networks and infrastructure was not as resilient as we had likely assumed.
We launched into the year with the unfolding aftermath of the SolarWinds breach and its widespread impact. Not too long after, the Colonial Pipeline attack occurred. While this attack relied on targeting VPN credentials and not the actual OT (Operational Technology) control system, it did demonstrate that direct targeting of OT systems may not be that far off. And just as we started to close out 2021, the Log4j incident hit. We have yet to see the full extent of the problems that this zero-day vulnerability in the popular open-source logging library will cause, but what it proves alongside these other cases is that we have work to do when it comes to protecting our systems.
We need to pay particular attention to Industrial Control Systems (ICS), which help to facilitate the function of industries such as manufacturing, transportation, water treatment and energy. At one time, as David Greenfield points out in Automation World, cybercriminals were fairly unfamiliar with the details of ICS. However, as we head further into the realm of Industry 4.0, where Information Technology (IT) and OT continue to merge, attackers are expected to advance their methods to take advantage of this trend. And the outstanding issue is that many of these networks have not been updated or had the necessary patches applied. A Kaspersky report concluded that “a third of industrial control systems were attacked in H1 2021,” according to PacketLabs. These attacks can take a number of forms, including phishing attacks or targeting open IT networks or VPNs, as mentioned previously.
But with the experiences that the year forced us through, we now have the opportunity to apply that wisdom in 2022. As PacketLabs suggests, that begins with ICS organizations and industries conducting an audit of their security posture. Through such a review, they can identify their strengths, where controls are needed and how best to design vulnerability management. Chris Connell of Kaspersky also shared some critical tips for industrial network security with TechHQ. Based on his insights, “passive OT network monitoring is essential for asset and communication inventory”; “It is vital to implement specialized industrial-grade security software for OT hosts and servers”; and measures should be taken to restrict access, particularly remote access, to the automation and control systems. On top of that, a software management and policy system that handles patching should be put into place.
Although we just came through a year considered a “doozy,” the upside is that there are tools to help follow through on recommendations like those outlined above. An article for Triangle Business Journal highlights that technology like artificial intelligence can increase the speed of flaw detection. Plus, there are options like Veracity’s Net-Optix™, which is helping infrastructure networks streamline the process of upholding top security standards. Learn more at https://veracity.io/product/.
- “Over One-third of Industrial Control Systems Were Attacked in H1 2021” – PacketLabs
- “Plan for tomorrow by implementing cybersecurity on your network” – Nima Baiati, Triangle Business Journal
- “3 Common Attack Vectors for Industrial Control Systems” – David Greenfield, Automation World
- “Worst Cyberattacks of 2021 (So Far)” – Jessica Lyons Hardcastle, SDXCentral
- “Post-2021, cybersecurity for industrial infrastructure is critical” – Rebecca Oi, TechHQ