Cyber attacks on strategic organizations (production and electricity and gas networks, water treatment, chemical and petroleum industries, etc.) are currently experiencing very strong growth. Securing their environments is therefore a necessity. But how do you explain this explosion in the number of attacks and why are these sectors so exposed? To answer them, we must dwell on the specificity of their organizations and infrastructures.
An opening of industrial systems to IT
The main point of vulnerability for industrialists is linked to the gradual arrival of information technology within their production systems. In this sense, the secure interconnection between the OT and IT networks of industries is a strong issue to take into consideration. IT did expose the systems. It is therefore strategic to allow operators of critical infrastructures to exchange information between disjointed trusted systems while maintaining their physical seal against targeted and sophisticated cyberattacks.
The importance of securing systems by relying on reliable components
In view of the elements mentioned, securing the OT and IT networks of manufacturers requires relying on reliable and non-vulnerable infrastructures. It is on this point that an approach based on a purely IT response is not effective. The use of electronics including the principle of defense in depth seems to provide solid guarantees.
The objective is then to allow a completely secure OT-IT connection, whether it is via networks or USB. It should also be noted that on the subject of USB, many installations are today vulnerable and potentially exposed to a major cyber risk (unprotected workstations in factories, at strategic points, etc.).
Mix devices and have a business approach
Of course, if the hardware provides a strong guarantee for securing industrial systems, this does not mean that it should not be supplemented by other devices. Thus, the use of solutions, firewalls and UTM taking into account the specificities of the industrial world and its exchange protocols is also necessary. A combination of complementary approaches therefore makes sense (manufacturers, service companies, publishers, etc.).
Therefore, it is notably possible to avoid any contamination at the level of the data transport layers and to guarantee the integrity of the data packets by controlling their content to avoid attacks on business flows. This complementarity brings many benefits in the industrial world, in particular a complete coverage of the network and of all the perimeters in terms of security.
In view of these elements, it is therefore perfectly understandable that securing the OT and IT networks of manufacturers is a complex subject which cannot be improvised and requires the implementation of a specific approach. With the increasing openness of industrial systems to IT, it is crucial to act quickly to evolve its cybersecurity governance and adapt it to the specific business characteristics of this sector of activity.
By Xavier Facelina, CEO of Seclab