Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware

Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

5 years ago Alex Bagwell
Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

Over the weekend, the Alpharetta, GA based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial Pipeline is responsible for 45% of the gasoline, diesel fuel and natural gas transported from Texas to New Jersey. A shutdown of this magnitude has the potential to net economic impact and reiterates the need to safeguard our critical industrial systems.

In today’s global quest for more data, incremental efficiency gains and desire to apply artificial intelligence (AI), numerous industries are connecting their OT systems to both the internet and other IT systems. For Colonial, the incident appears to be isolated to IT functions, but the nature of a converged environment presents implications for operations. Here are a few solutions to consider that can mitigate cyber risk (IT) and production risk (OT):

Increasing IT and OT Visibility

Beyond this specific event, industrial companies and utilities are increasingly becoming a target for cybercriminals because there is often limited visibility and monitoring of the OT devices on their industrial networks. Additionally, with IT and OT beginning to converge and more devices becoming accessible, there is a need to have complete visibility from the C-suite to the sensor. Here we saw the direct impact of an IT event on OT systems, which reinforces the importance of maintaining visibility of assets across your entire network.

Government Support

Recently, the Biden administration issued a 100-day sprint to identify weaknesses in electrical infrastructure, along with a Request for Information (RFI) from the Department of Energy (DOE) regarding supply chain risks to the U.S. electric system.  In parallel, recent Senate bill S.914 addresses wastewater infrastructure, which further echoes the need for a concerted effort to safeguard our critical systems. Funding, grants, tax or stimulus incentives should be available to those companies implementing strong security hygiene. There should also be reassessment and regular conversations between utility peers on best practices, frameworks, and internal policies.

Resources for Industrial Security Teams

We also know that security teams are becoming overwhelmed and, in some cases, are not properly resourced to manage solutions and data coming from multiple devices across IT and OT environments. For this reason, many have become more reliant on managed services like ExpertOps or providers to manage multiple solutions.

This event (and many others) has shown us that when it comes to securing an IT-OT environment, it all starts with visibility. You can’t protect what you can’t see. Tripwire solutions are designed to provide you both IT and OT controls to enhance, augment and improve your cybersecurity posture. With Tripwire’s suite of integrated solutions, you can easily extend your IT controls into your OT network and OT controls into your IT networks, providing you with a holistic & unified view and approach to cybersecurity. You can find out more about Tripwire’s solutions at www.tripwire.com.

The post ” Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure” appeared first on TripWire

Source:TripWire – Alex Bagwell

Tags: Critical Severity, Goverment, Malware, Ransomware, TripWire

Continue Reading

Previous U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack
Next Ficker – An Info-Stealer Malware that tricks people to get their passwords

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

10 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

12 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

13 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

How Samsung Knox Helps Stop Your Network Security Breach

15 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

17 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Data Breach
  • Vulnerabilities

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

20 hours ago [email protected] (The Hacker News)

Recent Posts

  • China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
  • CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
  • How Samsung Knox Helps Stop Your Network Security Breach
  • Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT