2023年1月4日发(作者:弄瓦)Inside and Out
Headlines around the world are filled with reports of cyber attacks, large scale financial crimes and threats to national curity. But the news is also full of great innovations - ways technology can create breakthroughs which improve our productivity, our health and our future prosperity. Organisations which depend heavily on industrial automation are at an inflection point, the winners will share and exploit all data in their enterpri, make better decisions and increa productivity, energy efficiency and safe operations.
We find ourlves in the midst of a new industrial revolution. Powered by the recognition of significant business benefits of converging the previously parate worlds of Internet Protocol-bad IT and Operational Technology - the hyper-connected Industrial Enterpri is a very concrete reality.
With this revolution underway and an increasing awareness of the possibilities that this bright and exciting industrial future offers, industry professionals the world-over are becoming motivated to explore the best (and safest) path to convergence.
When treading new paths and integrating innovative technology, it’s important to be fully aware of the potential risks and obstacles that lie in wait. Hyper-connectivity has also opened up a new environment for curity threats. Cyber Security for industrial organisations is as much about safeguarding the physical well being of the company and its employees as it is about financial health – an attack that starts in cyber space can have devastating conquences in the physical world. As such, a full and accurate understanding of the risks is of the utmost importance.
Two initial factors that an organisation must consider are:
The source and motivation behind possible cyber attacks
The targets and methods of possible cyber attacks.
Let us consider the first of the. For industrial organisations evaluating the risk pod by cyber attack, an intelligent examination of potential sources from which an attack might originate is a good place to start. This is not about scaremongering; analysis bad on solid threat intelligence ensures that both probability and impact can be assd and more nsible, pragmatic steps taken to mitigate the risk. However, it is also worth noting the threat of cyber-attack pod to industrial organisations exists inside and out…
The Malicious Insider - As IT managers know only too well, many ‘attacks’ are often perpetrated by a trusted insider who us his expert knowledge and corporate authorisation to manipulate systems to carry out their personal commands. The insider threat pos as much risk to OT as to IT.
The Accidental Insider – The quest for greater efficiency and productivity combined with a lack of curity awareness can open up new avenues for an accidental introduction of malicious code. However, as well as the threat from malicious cyber attacks, systems and data can also be threaten
ed by curity applications themlves, legitimate testing or unauthorid configuration changes. The great nsitivity of OT to factors such as latency in the system, regardless of its cau, requires preci knowledge and understanding of how curity solutions (for example) might affect a system.
External Actors – Malware or commands issued by a cyber-intruder to negatively impact Operational Technology and systems. The driving purpo behind such malicious external attacks is typically to survey critical systems, steal intellectual property or disrupt industrial process to satiate numerous varied motivations.
In order to effectively plan for and manage the risk of cyber attack pod by a wide range of sources, organisations need to take a well-informed, pragmatic approach to develop a realistic risk analysis of possible cyber-threats originating both inside and out.
Download the full whitepaper exploring the risks associated with the convergence of IT and OT to learn more or e my next post where we will explore the identification of potential targets within OT and Industrial Control Systems and the routes of penetration which a cyber-attack might ek to exploit.
