Threats to Critical Infrastructure Requires A Continuous Improvement Mindset Now

Introduction

Perfect prevention is not possible, especially given that critical infrastructure continues to be an evolving segment riddled with “brownfield.” As attack surfaces increase, addressing both physical and cyber threats will require higher levels of adoption of emerging technologies across the array of environments that make up Critical Infrastructure (CI). The threat landscape continues to evolve: in mid-2020 the U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) issued an Alert (AA20-205A) recommending immediate actions to reduce exposure across OT assets and control systems. The warning states: “Over recent months, cyber-actors have demonstrated their continued willingness to conduct malicious cyber-activity against critical infrastructure by exploiting internet-accessible OT assets.”

CI Threat Landscape Evolves

The threat landscape includes but is not limited to:

International & National Terrorism by Non-State Actors — Violent extremism is a threat to critical infrastructure providers. Cyber terrorists are intent on disrupting critical services or causing harm. While still under investigation, the bombing outside an AT&T facility in downtown Nashville on December 25, 2020, highlighted a cascade of technological failures.

Nation-state-sponsored cyberattacks — These types of attacks have created a new market for bad actors and accelerated the monetization benefits of these attacks.

IT/OT/IoT convergence — The convergence of IT and operational technology (OT) systems, combined with the increased use of the Internet of Things (IoT) in industrial environments, is challenging many security practices to define the best security architecture that aligns with transforming and modernizing environments.

Accelerating brownfield operational technology/information technology convergence and a growing number of greenfield cyber-physical systems push OT security needs to evolve, and more IT security leaders to become involved, as threats and vulnerabilities increase.

The air gap is eroded for operational technology owners.

Tactics and Techniques Evolving

Critical infrastructure security and risk leaders must observe tactics, techniques, and procedures that include:

Spear phishing to obtain initial access to the organization’s IT network before pivoting to the OT network
Deployment of commodity ransomware to encrypt data for impact on both networks
Connecting to internet-accessible programmable logic controllers (PLCs) requiring no authentication for initial access
Using commonly used ports and standard application layer protocols to communicate with controllers and download modified control logic
Lack of controls related to modifying control logic and parameters on PLCs
Memory attacks
Cyber-physical attacks: because CI by its very nature connects the cyber and physical worlds, it faces threats unlike those facing any IT enterprise system, ranging from siegeware to GPS spoofing

Recommendations

Critical infrastructure security and risk managers must:

Start planning for security controls that go beyond vulnerability and anomaly detection by adopting emerging technology that secures devices against attacks and increases cyber situational awareness.
Accelerate IT/OT security stack convergence by inventorying what OT security solutions are used in their organizations and evaluating the growing list of stand-alone or multifunction platform-based options for interoperability with their IT security tools.
Evaluate your security stack against changing threat vectors and risk, with an eye toward taking a cyber-physical approach. For vendors to watch, see Market Guide for Operational Technology Security and Emerging Technologies and Trends Impact Radar: Security in Manufacturing.

Recommended Reading

Emerging Technologies and Trends Impact Radar: Security in Manufacturing
Market Guide for Operational Technology Security
Facing New Threats — Cyber-Physical Systems

Source: Gartner Blog Network

About the author: CIO Minute