Classic set of Risks to aiming OT Network of a Manufacturing Facility
Lets get things real and identify what are the risks associated to manufacturing facilities.
What you see here is? the Giant world of a manufacturing facility? where you have a typical IT infrastructure connecting offices, monitoring centers and Operations
And at the same time you have this humongous Operational Technology segment containing processes involved in making a product.
Adversaries adopt multiple routes to impact the operational technology with various ways.
?
PHISHING
?
First one being the most common one is to make their way into Operational network through phishing attacks on IT infrastructure. Quite a classic attempt and frankly an effective one.
USB MEDIA
The other attack methods involve launching a compromise from the inside through removable usb media which leverages human error and by far this is also an extremely successful one as well. No matter how strong are the domain controls, usb media usage is extremely hard to control
?
领英推荐
MISCONFIGURATIONS
The next open avenue is a misconfiguration in the network which is also a very common sight.
?
BAD FIRMWARE
Combined with such negligences we often see some infected firmwares which sometimes is part of?? supply chain. This one could be extremely devastating especially in the wake of multi vendor environments with no control on country of origin or component based diligence.
?
REMOTE ACCESS
Similar to that is the misused remote access where adversaries try to leverage remote access vulnerabilities to make their way into the network. In the wake of ever growing CVEs in VPN boxes, this has become even a bigger challenge. Due to weaknesses in VPN infrastructure, the gateways and firewalls are sometime facilitator of access bypass instead of being protector against it.
IT/OT JUNCTION
?
And the last thing is the IT/OT junction which is in the cyber debates all the time. The IT/OT connectivity if not secured properly, opens a whole lot of avenue for compromises to creep from internet or IT side towards the OT infrastructure.
While there are several other variants but by far these are the most common type of attacks aiming manufacturing sites