Is your OT-IT network fully Isolated and secure?
A Deloitte Study titled Manufacturers Alliance for Productivity and Innovation (MAPI) indicated that 40% of Manufacturing firms have experienced a cyberattack in the last 1 year and about 38% of them suffered damages of over 1 million USD.
While some organizations wouldn’t want to go public, companies like Norsk Hydro came out in open and informed all stakeholders about the compromise which was to the tune of 52 million USD. Many victims of cyberattacks are not so bold and the cost of cyberattacks is often suppressed under various accounting heads in the balance sheet. Underreporting of cyberattacks is a global problem. This is why US lawmakers recently introduced the ‘ Cyber Incident Reporting for Critical Infrastructure Act ‘ which mandates entities falling under the purview of this legislation to report cyberattacks to a specialized compliance agency established for this purpose.
While traditionally OT networks in the manufacturing environment were air-gapped and isolated from the IT networks, Manufacturing firms have swiftly move towards Cloudification of their IT application & there is an indication of these technologies used for remote monitoring and analysis of Industrial Control Systems.
From our numerous OT threat Assessments on Manufacturing industries, we have identified a few common vulnerabilities, such as:
- Information Disclosure
- Default Credentials
- Weak Network Segregations
- Network Map of other devices
- OT devices using default username and password
- Unpatched OT devices leading to critical vulnerabilities such as:
i. These vulnerabilities could be exploited by remote attackers to cause a denial of service and allow attackers to hijack the authentication of random victims via various vectors. It could also allow attackers to access additional diagnostic functionality with physical access to the UART interface during the boot process
ii. These vulnerabilities could be exploited to execute code or commands remotely on affected systems. This could give the remote attacker complete access to systems which could further lead to information disclosure, denial-of-service, etc
As manufacturers get busy with meeting their production targets and cybersecurity gets lost in layers of processes and applications, adversarial entities find it easy to breach and steal data or even hold data to ransom
To learn more on how to secure your manufacturing infrastructure, join our cybersecurity experts Kiran and Kapil at our booth H2-D1, from 17th to 21st October GITEX 2021 as they discuss and offer simple, cost-effective, and lasting solutions to:
- Improve visibility and reduce time to action to respond to cyberattacks
- Comply with frameworks such as Zero Trust and IEC 62443
- Deal with vulnerabilities while preventing adversaries from exploiting them
- Prevent your networks from leaking data and credentials
- Tie-up loose ends in your cybersecurity posture and gather intelligence to make insight-driven decisions
Originally published at https://sectrio.com on October 11, 2021.