When you mention cybercrime, the first thing everyone thinks about is an attack on Information Technology (IT) systems. However, cybercrime can take many different forms and can target many different areas. A case in point is the growing threat against Operational Technology (OT), which may have even more serious undertones than threats against traditional IT.
The infamous Stuxnet attack against Iranian centrifuges is a perfect example of how a cyberattack can destroy OT and wreak havoc in an industrial setting. However, threats to OT did not start and end with Stuxnet. In today’s highly connected world, everything from power plants to traffic control systems to production lines is under constant threat of disruption, sabotage or other maladies. Add to that the growing use of IoT, and you have a situation where a disaster is not only possible but almost guaranteed.
At first blush, protecting OT seems very similar to protecting IT; however, that is an assumption that could have devastating consequences. IT, as the acronym implies, deals with information, and has become the target of those seeking to steal data, commit fraud, or disrupt the flow of data. For those protecting IT systems, it’s all about connectivity and the movement of data.
OT, on the other hand, deals with the physical realm, whether it is moving resources down a production line, enabling manufacturing, distributing power, or any number of processes that are manifested in the physical world. An attack on OT can lead to serious accidents that may put lives in danger.
Israeli startup Indegy is aiming to mitigate the risk to OT with an out-of-band security platform that is designed for monitoring and alerting and that enhances visibility into operational systems. The platform works in the realm of Industrial Control Systems (ICS), which are used across multiple vertical segments and are incorporating IoT devices, which are now being used in the manufacturing and energy sectors.
Indegy employs a three-step process when it comes to securing ICS. First, managers must understand what needs to be protected. Then, they must monitor all ongoing activities. Finally, they must create alert policies that raise real-time alerts on threats and changes in activity. Indegy works by monitoring the ICS, the Programmable Logic Controllers (PLCs) and the Remote Terminal Units (RTUs) on a continuous basis.
“Since Stuxnet, attacks have become more dangerous,” said Barak Perelman, the CEO of Indegy. Perelman added, “While Stuxnet was relatively targeted, 2013/14’s Dragonfly attack affected more than a thousand energy companies, simply because it spread everywhere, beyond whoever was the original target.”
Perelman warned, “Let’s say I own an ICS facility, that facility is vulnerable, even if it wasn’t the target. Simply because it uses the same industrial controller, which might even be used at a nuclear power plant as a chiller, or a water treatment plant.”
Perelman added, “Most industrial controllers were not designed with cyber security in mind, they were built in the ’80s, when there was no cyber security. Those controllers were built to trust instructions, not vet those instructions, and they have become the most vulnerable part of a system.”
Perelman’s words ring true, backed by industry analyst firm 451. In a report, 451 offered: “The IoT security segment is the wild west right now, with many manufacturers securing just their segment of the overall IoT value chain and few systemic approaches and architectures. Indegy has identified a key juncture, the intersection of industrial control systems (frequently customized PCs and increasingly connected to the IoT) and the PLCs and RTUs within high-value industrial equipment. The industrial sector, with the energy and investment being expanded within Europe with Industry 4.0, is currently the largest and most lucrative target market for IoT security companies, and one that Indegy is positioned to capitalize on.”