OT cybersecurity has not received adequate attention from cybersecurity teams globally and this is why a lot of cyberattacks succeeded in 2021. As 2022 emerges on the horizon, it will be pertinent to take a pause and look back at key cybersecurity lessons from 2021. This piece will focus on critical infrastructure cybersecurity.
Why will critical infrastructure continue to face cyberattacks?
Colonial Pipeline, the biggest CI operator to be attacked in 2021, ended up paying a ransom to free its systems. During the cyberattack, Colonial Pipeline was not even aware of which part of the infrastructure had been attacked and couldn’t isolate the attack, so it ended up shutting down the entire facility. This is a common practice among companies that operate or use operational technology. On the one hand, most such OT devices are ancient or even of archeological interest; on the other, one cannot even fathom a situation wherein these devices can be patched or even upgraded in terms of security.
It is an open secret that critical infrastructure operators have plenty of such devices in their asset base. With many operators now opting for a phased digital transition to the Internet of Things or IT-based devices, the infrastructure hosts a significant diversity of technologies and devices of varying technology maturity levels. Not only does this complicate the cybersecurity approach needed to secure such an environment, but it also slows down any attempt to standardize or even improve OT/IoT security practices.
Today, many businesses are operating without accurate and OT-specific threat intelligence which hampers the detection of OT-related cyberthreats.
Hackers are aware of such gaps. They are also collaborating more often now as certain state sponsors backing them are asking diverse APT groups to consolidate operations and share data and resources to save on costs and maximize impact.
In the case of IoT cybersecurity, the situation isn’t any better. Many new classes of devices were added in the last two years to improve remote monitoring of critical infrastructure. These were rushed into the market without adequate testing on the security aspects and were deployed without analyzing their impact on the overall security posture of the critical infrastructure operator. There were at least two instances of critical infrastructure operators getting hacked within days of expanding their IoT installations.
Further, the volume of data passing through IoT devices went up significantly in 2021, indicating the activation of many projects. One did not see a proportionate rise in either IoT cybersecurity investments or conversations. These devices could turn out to be the new entry points or enablers for more complex cyberattacks.
Also, last-mile automation of some CI projects will be completed in 2022 and this could lead to more new CI tech components coming online without adequate levels of cybersecurity.
Lastly, the war on cybercriminals and APTs is currently occurring in bits and pieces and there are many groups that are still operating without fear. Though a few groups have been penalized, there is still a long way to go and many more actors to neutralize.
When one puts the above together, it becomes clear that the upward trajectory of cyberattacks will continue in 2022. However, if businesses ramp up their cyber defense measures and pay more attention to detecting and fixing vulnerabilities, most of the cyberattacks can be prevented.
Sectrio is a leading IoT and OT cybersecurity vendor with solutions, threat intelligence, consulting, and SoC services on offer for various industries. In addition to running the largest threat intelligence gathering facility in the world, our solutions also operate with the least amount of threat detection latency, which means you can keep hackers at bay much faster.