Infrastructure company Operational Technology (OT) networks have been hacked

The US government, through the Cybersecurity and Infrastructure Security Agency (CISA) and other government offices, is warning infrastructure companies about the risks posed by OT systems that have been hacked by state-sponsored foreign actors, specifically Russian state-sponsored hackers. The objective of these hackers is, at some point in time, to disrupt infrastructure services for American citizens, including:

  • Power grid energy supplies
  • Water and sanitation
  • Food and agriculture

The state-sponsored hackers have infiltrated many OT systems in the USA and Europe and have compromised Internet-exposed industrial control systems (ICSs) and programmable logic controllers (PLCs) through their software interfaces. CISA has published a series of recommendations to strengthen OT systems through password improvements and Internet interface controls.

The strongest method of cyber protection is the one published by the National Institute of Standards and Technology (NIST) in its Cybersecurity Framework and Zero Trust Architecture. OT networks can be upgraded economically to add Zero Trust architectural features using equipment from one of several cyber security product manufacturers.

Zero Trust adds three layers of security around an Internet-exposed OT system, as shown in the diagram.

  • Intrusion monitoring: Devices require pre-authorization through a device signature before they can access the network; any access attempt by a non-authorized device triggers an alert for the supervisor.
  • Authentication: Devices and users follow an authentication process using device identifiers and two-factor or three-factor authentication for users, eliminating password guessing or theft.
  • Access control: This layer sets rules of access for each device and user, limiting access to those network components that are required to complete the task. Access to all other network components is blocked.
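
The three layers above can be modelled as a single policy-enforcement point that sits in front of the OT network and evaluates every access request in order: device signature, then user authentication, then per-device/per-user access rules. The Python below is an added illustration written for this article, not code from the original or from any vendor's product; the device registry, the access rules, the sample requests and the choice of a SHA-256 fingerprint of a device credential as the "device signature" are all constructed assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Illustrative Zero Trust policy-enforcement point for an OT network.
# Everything below (registry, rules, credentials, requests) is constructed
# sample data; the device "signature" is assumed to be a SHA-256 fingerprint
# of a device credential such as its certificate.


def device_signature(credential: bytes) -> str:
    """Fingerprint a device credential so it can be pre-registered on the allow-list."""
    return hashlib.sha256(credential).hexdigest()


# Layer 1 (intrusion monitoring): pre-authorized devices, device id -> expected signature
DEVICE_REGISTRY = {
    "hmi-01": device_signature(b"constructed-cert-hmi-01"),
    "eng-laptop-07": device_signature(b"constructed-cert-eng-laptop-07"),
}

# Layer 3 (access control): least privilege, (device id, user) -> OT assets it may reach
ACCESS_RULES = {
    ("hmi-01", "operator.a"): {"plc-pump-3", "plc-valve-12"},
    ("eng-laptop-07", "engineer.b"): {"plc-pump-3"},
}


@dataclass
class AccessRequest:
    device_id: str
    credential: bytes   # credential presented by the device
    user: str
    mfa_verified: bool  # result of the user's multi-factor authentication step
    target: str         # OT asset (ICS/PLC) the request wants to reach


@dataclass
class Decision:
    allowed: bool
    reason: str
    alert: bool = False  # True when the supervisor should be alerted


def evaluate(req: AccessRequest) -> Decision:
    """Apply the three Zero Trust layers in order; the first failing layer decides."""
    # Layer 1: an unknown device, or a known id with a mismatched signature, is an
    # intrusion attempt: deny and raise a supervisor alert.
    expected = DEVICE_REGISTRY.get(req.device_id)
    presented = device_signature(req.credential)
    if expected is None or not hmac.compare_digest(expected, presented):
        return Decision(False, f"unauthorized device {req.device_id!r}", alert=True)
    # Layer 2: the user must have completed multi-factor authentication.
    if not req.mfa_verified:
        return Decision(False, f"user {req.user!r} has not completed MFA")
    # Layer 3: only assets explicitly listed for this device/user pair are reachable;
    # everything else on the OT network is blocked by default.
    permitted = ACCESS_RULES.get((req.device_id, req.user), set())
    if req.target not in permitted:
        return Decision(False, f"{req.user!r} on {req.device_id!r} may not reach {req.target!r}")
    return Decision(True, "permitted")


def run_samples() -> list:
    """Evaluate a constructed set of requests covering each layer's outcome."""
    samples = [
        AccessRequest("hmi-01", b"constructed-cert-hmi-01", "operator.a", True, "plc-pump-3"),
        AccessRequest("rogue-pc", b"unknown-cert", "operator.a", True, "plc-pump-3"),
        AccessRequest("hmi-01", b"forged-cert", "operator.a", True, "plc-pump-3"),
        AccessRequest("eng-laptop-07", b"constructed-cert-eng-laptop-07", "engineer.b", False, "plc-pump-3"),
        AccessRequest("eng-laptop-07", b"constructed-cert-eng-laptop-07", "engineer.b", True, "plc-valve-12"),
    ]
    return [evaluate(r) for r in samples]


if __name__ == "__main__":
    for request, decision in zip(run_samples(), run_samples()):
        flag = " [ALERT]" if decision.alert else ""
        print(f"{'ALLOW' if decision.allowed else 'DENY '} {decision.reason}{flag}")
```

Only the first layer raises a supervisor alert: a failed MFA step or an out-of-scope asset is a normal policy denial, whereas an unregistered or mis-signed device is exactly the event the intrusion-monitoring layer exists to surface.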

Adding Zero Trust to an OT network does not require any change to the ICSs and PLCs; Zero Trust is a layer of equipment and software that is connected between the Internet interface and the OT network. The cost to upgrade a network is small. A new layer of network administration is added, which will require additional supervisory staff. The protection that Zero Trust provides against state-sponsored hackers will significantly reduce the risk of an attack that may disrupt the infrastructure system.

Zero Trust Network Access security layers for OT networks

References:

CISA white paper: Defending OT Operations …

https://www.cisa.gov/sites/default/files/2024-05/defending-ot-operations-against-ongoing-pro-russia-hacktivist-activity-508c.pdf

NIST Cybersecurity Framework

https://www.nist.gov/cyberframework

NIST Zero Trust Architecture

https://www.nist.gov/publications/zero-trust-architecture
