As businesses worldwide abruptly moved to remote operations, organizational cyber-security practices are changing at a frenetic pace. Cyber-attackers are stepping up their game and are exploiting the new vulnerabilities to get their foot in the door of organizational networks by using phishing emails, SMS lures, and more. Unfortunately, they are succeeding at an impressive rate due to the increasingly remote and distracted workforce.
As always, cyber-attackers taking advantage of online behavior trends. The current COVID-19 outbreak is no different, as we see more and more companies suffering from cyber-attacks. The combination of uncertain times and the increased reliance on the internet for much of the daily operations has led people and businesses around the world to face costly cyber-attacks, resulting in the loss of millions of dollars. Some of the tactics of threat actors are as follows:
In addition to everyday cyber-security concerns, the current shift to remote operations is a quantum leap for industrial environments that, up until recently, were not even connected to the internet, directly or indirectly. Now industrial organizations are being forced to rely on remote connection solutions in order to continue production. As a result, we have seen a steep increase in internet exposures of the ICS segment since the beginning of 2020 (to be elaborated on our next blog).
We were all blindsided by the speed and extent of the business impact of COVID-19. Now it is time to take charge and move forward deliberately and attentively. This is true for all companies, and especially for industrial companies, who typically are late adopters of digital and remote solutions. To ensure safe and reliable remote operations of newly connected industrial networks, companies must stay ahead of the curve and embrace secure remote operations.
1. Immediate: Learn what potential attackers know about you
Before you can expand remote work to your company’s core business operations, first learn what cyber-attackers know about you, anticipate what they may do by gathering intelligence of your specific threats. Begin by identifying what publicly available information exists about your company.
OTORIO’s experts are doing everything in their power to help industrial companies around the world to overcome this crisis with minimal cyber incidents. For a limited time, OTORIO, an industrial cybersecurity company is offering a free, non-intrusive cyber scan to help your industry stay ahead of the curve. Click here to see if your organization qualifies for a free cyber scan.
2. Short-term: Maintain business continuity through secure remote operations
Due to the critical nature of physical systems and the ever-evolving threat landscape, establishing a secure remote connection to industrial control systems is unique and requires deep expertise in both industrial and cyber domains. Because users are likely to work from public network connections and use personal devices, security teams need to apply security arrangements that feature minimal trust.
3. Long-term: Monitor assets’ digital condition in addition to their physical condition
By shifting to remote work, engineers and operators received a new responsibility. In addition to monitoring an asset’s physical condition, it became vital to monitor its digital condition as part of the routine maintenance and operations. COVID-19 illustrates that digital production is the future, which will remain long after the pandemic leaves our lives. Efficient management of digital risks requires an orchestration and automation of both industrial (e.g., APM) and digital security (e.g., EDR) systems, as well as:
By developing a long-term, remote working strategy that includes secure remote access and security orchestration and automation solutions, you are getting on the right track to recover from the current crisis and prepare for future challenges. In addition to software solutions, consult with professional industrial security experts regarding risk assessment, penetration testing, managed detection and response, and incident response in order to further support your remote work and digital journey.