Security Market Segment LS
Wednesday, 21 July 2021 10:39

Cyber attackers ‘weaponising’ Operational Technology to harm, kill humans: study Featured

By Staff Writer

By 2025 cyber attackers will have weaponised operational technology (OT) environments to successfully harm or kill humans, according to new research from Gartner.

“In operational environments, security and risk management leaders should be more concerned about real world hazards to humans and the environment, rather than information theft,” said

Wam Voster, senior research director at Gartner.

“Inquiries with Gartner clients reveal that organisations in asset-intensive industries like manufacturing, resources and utilities struggle to define appropriate control frameworks.”

According to Gartner’s research on operational technology, security incidents in OT and other cyber-physical systems (CPS) have three main motivations - actual harm, commercial vandalism (reduced output) and reputational vandalism (making a manufacturer untrusted or unreliable).

Gartner predicts that the financial impact of CPS attacks resulting in fatal casualties will reach over $50 billion by 2023, and even without taking the value of human life into account, the costs for organisations in terms of compensation, litigation, insurance, regulatory fines and reputation loss will be significant.

Gartner also predicts that most CEOs will be personally liable for such incidents.

Gartner recommends that organisations adopt a framework of 10 security controls for Operational Technology to improve security posture across their facilities and prevent incidents in the digital world from having an adverse effect in the physical world:

1. Define roles and responsibilities

Appoint an OT security manager for each facility, who is responsible for assigning and documenting roles and responsibilities related to security for all workers, senior managers and any third parties.

2. Ensure appropriate training and awareness

All OT staff must have the required skills for their roles. Employees at each facility must be trained to recognise security risks, the most common attack vectors and what to do in case of a security incident.

3. Implement and test incident response

Ensure each facility implements and maintains an OT specific security incident management process that includes four phases: preparation; detection and analysis; containment, eradication and recovery; and post-incident activity.

4. Backup, restore and disaster recovery

Ensure proper backup, restore and disaster recovery procedures are in place. To limit the impact of physical events such as a fire, do not store backup media in the same location as the backed up system. The backup media must also be protected from unauthorised disclosure or misuse. To cope with high severity incidents, it must be possible to restore the backup on a new system or virtual machine.

5. Manage portable media

Create a policy to ensure all portable data storage media such as USB sticks and portable computers are scanned, regardless whether a device belongs to an internal employee or external parties such as subcontractors or equipment manufacturer representatives. Only media found to be free from malicious code or software can be connected to the OT.

6. Have an up-to-date asset inventory

The security manager must keep a continuously updated inventory of all OT equipment and software.

7. Establish proper network segregation

OT networks must be physically or/and logically separated from any other network both internally and externally. All network traffic between an OT and any other part of the network must go through a secure gateway solution like a demilitarised zone (DMZ). Interactive sessions to OT must use multi-factor authentication to authenticate at the gateway.

8. Collect logs and implement real-time detection

Appropriate policies or procedures must be in place for automated logging and reviewing of potential and actual security events. These should include clear retention times for the security logs to be retained and protection against tampering or unwanted modification.

9. Implement a secure configuration process

Secure configurations must be developed, standardised and deployed for all applicable systems like endpoints, servers, network devices and field devices. Endpoint security software like anti-malware must be installed and enabled on all components in the OT environment that support it.

10. Formal patching process

Implement a process to have patches qualified by the equipment manufacturers before deploying. Once qualified, the patches can only be deployed on appropriate systems with a pre-specified frequency.

Gartner clients can read more in the report Reduce Risk to Human Life by Implementing this OT Security Control Framework.

Read 1583 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments