The new year has just started which and that means you need to know what to expect regarding cyber threats in 2023! Read how OTORIO's experts look at cyber threat landscape and how to best approach an industrial ransomware attack in the latest article by com!Professional.
Here is an excerpt of the article:
However, it is no longer just about securing user accounts or servers. More and more devices and systems are migrating into the network, keyword Internet of Things. The new OT security challenges require many companies to rethink their strategies and behaviors. Operational technology (OT) works very differently from classic information technology (IT). The term OT describes the operation of physical industrial and production facilities, such as robots, pumps or metal presses.
The most serious difference between operational technology and IT is the frequency of updates. While in an IT environment the administrator quickly installs a security update in the background when a vulnerability is identified, the situation is very different in operational technology. Industrial control systems are in production environments in continuous operation - without the possibility to be switched off briefly for an update.
"OT has been in use for years without security being the top priority, which makes it insecure from the outset," says Kay Ernst, Regional Director DACH at IoT security specialist Otorio. According to him, upgrades and patches are not easy in operating environments that run 24/7. “Unfortunately, downtime is not an option. So there are indeed many holes in OT environments, which is why access to them should be restricted and regularly reviewed.”
According to Kay Ernst, the only effective way to counteract ransomware attacks in industrial environments is not to act reactively but to act proactively: "This includes determining the attack surface and the security situation of an industrial environment, evaluating the effectiveness of security controls and to understand which vulnerabilities are really open and can be exploited.” A risk-based approach, in which the vectors of exploitation are analyzed rather than the vulnerabilities themselves, enables a better focus on the most important risks. “People tend to focus on detection and response. While this is an important measure, it is still a reactive approach that comes too late to deal with such attacks.”
To read the full article and to learn more about cyber threats in 2023 check out com!Professional.