IT-based defenses are routinely defeated
The continuing trend towards the convergence of IT and OT teams, the convergence of IT and OT business processes and technologies and the interconnectedness of IT and OT networks may all have sound business drivers, but too often the result is unexpectedly vulnerable industrial control system security postures. IT-centric firewalls and anti-virus solutions do a fair job of defending against the pervasive threat of viruses and botnets, but have repeatedly proven inadequate to defend against more sophisticated acts of sabotage.
The stock formula for these “more sophisticated” attacks has become widely known and widely practiced: use spear-phishing to pull malware past corporate firewalls, craft your own bits of low-volume, remote-control malware to defeat anti-virus systems, disguise your communications as legitimate traffic to defeat application-layer firewalls, and defeat security update programs by stealing passwords rather than attacking vulnerabilities. New, advanced data-exfiltration prevention technologies are being deployed to address this class of attack on corporate networks, but data-exfiltration-prevention technology does nothing to prevent the cyber-sabotage of industrial networks.
To date, there has not been a well-documented new-style attack on an industrial control system with the intent of cyber-sabotage. That said, given the easily available means for such an attack, it remains only a matter of time before some hacktivist couples these well-known attack techniques and technologies with a malicious motive. IT-style defenses designed to prevent the theft of intellectual property do not address this class of cyber-sabotage threat to worker safety, to public safety and to plant reliability. To maintain effective control of the dangerous and very costly physical infrastructure at industrial sites, owners and operators must do more to address modern cyber-sabotage threats.
Beyond IT-style security
Industry leaders are not ignoring this problem. Many are starting to deploy unidirectional gateways, which are hardware-and-software solutions that securely integrate operations data with business networks and systems. The gateway hardware enforces unidirectional data flows, while gateway software replicates servers. The replica servers on the corporate network allow corporate users to access production data in real time without any threat to, or impact on, the real operations servers. Information can flow out of operations networks without allowing any network or remote-control attacks whatsoever back into the network.
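The following is an added illustration of the architecture just described, not code from the article or from any gateway vendor. It is a constructed Python model: the OT side holds only a transmit handle to the one-way link, the corporate side holds only a receive handle, and gateway software on each side serialises readings into a replica server. Every class, tag name and sample value is invented for the example. It also shows the caveat that follows from having no return path: with no acknowledgements possible, the receiving side must detect lost or corrupted frames itself, here with sequence numbers and a digest.

```python
import hashlib
import json
from collections import deque
from dataclasses import dataclass, field


def _digest(payload: bytes) -> str:
    return hashlib.sha256(payload).hexdigest()


class OneWayLink:
    """Models the diode hardware (constructed). Frames enter on the OT side
    and leave on the corporate side. ends() hands each network its own
    handle; the corporate-side handle has no call that puts data on the link."""

    def __init__(self) -> None:
        self._fifo = deque()

    def ends(self):
        link = self

        class TxEnd:                      # held only by the OT network
            def send(self, frame: bytes) -> None:
                link._fifo.append(frame)

        class RxEnd:                      # held only by the corporate network
            def poll(self):
                return link._fifo.popleft() if link._fifo else None

        return TxEnd(), RxEnd()

    def drop_next(self) -> None:
        """Fault injection for the demo: lose the next frame in transit."""
        if self._fifo:
            self._fifo.popleft()


class TxGateway:
    """OT-side gateway software: numbers each reading, appends a digest,
    and pushes the frame into the link. It never reads anything back."""

    def __init__(self, tx_end) -> None:
        self._tx = tx_end
        self._seq = 0

    def publish(self, tag: str, value: float) -> int:
        self._seq += 1
        body = json.dumps({"seq": self._seq, "tag": tag, "value": value}).encode()
        self._tx.send(body + b"|" + _digest(body).encode())
        return self._seq


@dataclass
class ReplicaServer:
    """Corporate-side replica queried by business users. Because the link
    carries no acknowledgements, loss is only visible through the sequence
    check done here; corrupted frames are dropped rather than applied."""
    values: dict = field(default_factory=dict)
    gaps: list = field(default_factory=list)   # (first_missing, last_missing)
    rejected: int = 0
    _expected: int = 1

    def apply(self, frame: bytes) -> bool:
        body, _, digest = frame.rpartition(b"|")
        if _digest(body) != digest.decode(errors="replace"):
            self.rejected += 1
            return False
        msg = json.loads(body)
        if msg["seq"] != self._expected:
            self.gaps.append((self._expected, msg["seq"] - 1))
        self._expected = msg["seq"] + 1
        self.values[msg["tag"]] = msg["value"]
        return True

    def read(self, tag: str):
        return self.values.get(tag)


class RxGateway:
    """Corporate-side gateway software: drains the link into the replica."""

    def __init__(self, rx_end, replica: ReplicaServer) -> None:
        self._rx = rx_end
        self._replica = replica

    def drain(self) -> int:
        applied = 0
        while (frame := self._rx.poll()) is not None:
            if self._replica.apply(frame):
                applied += 1
        return applied


def demo() -> dict:
    """Constructed scenario: one good reading, one lost frame, one corrupted frame."""
    link = OneWayLink()
    tx_end, rx_end = link.ends()
    ot, replica = TxGateway(tx_end), ReplicaServer()
    corp = RxGateway(rx_end, replica)

    ot.publish("PUMP1.FLOW", 41.7)
    corp.drain()
    ot.publish("PUMP1.PRESSURE", 5.2)
    link.drop_next()                           # seq 2 never arrives
    ot.publish("PUMP1.FLOW", 42.1)
    corp.drain()
    tx_end.send(b'{"seq": 4, "tag": "PUMP1.FLOW", "value": 0}|0000')  # bad digest
    corp.drain()
    return {
        "flow": replica.read("PUMP1.FLOW"),
        "pressure": replica.read("PUMP1.PRESSURE"),
        "gaps": replica.gaps,
        "rejected": replica.rejected,
        "corporate_can_send": hasattr(rx_end, "send"),
    }


if __name__ == "__main__":
    print(demo())
```

The point of the model is the asymmetry of the handles: a compromised corporate-side host can read replicated data, but there is no object through which it can push a command, a payload or even a retransmission request toward the operations network. The cost of that asymmetry is that the corporate-side gateway must treat gaps and digest failures as the signal of trouble, since the OT side will never be told to resend.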