The Evolution of Securing Critical Infrastructure

5 years ago Irfahn Khimji

Everything evolves. Simply stated, the gradual development of something from a simple to a more complex form is what evolution is all about. When something ceases to evolve, yet still exists, it becomes classified as a living fossil. One example is the Ginkgo Biloba tree. It took millions of years for this evolution to cease. This all happened without any help from humans.

When we think of our relationship with technology, it is apparent that we are nowhere near the point of realizing the end of the technological evolution. Even if we consider the earliest human technological achievements, such as how to transport water uphill, we are still many years away from exhausting our imaginations as well as our technological capabilities. However, just as a tree is susceptible to the forces of nature, we have learned that our greatest achievements can be undermined by the same human inspirational ingenuity.

The evolution of critical infrastructure

A more modern example of the evolution of technology is in the area of critical infrastructure and operational technology (OT). Water and wastewater systems are just one classification of critical infrastructure. We have certainly come a long way since Archimedes’ spiral, but we have also become more capable in our destructive capabilities. 

Many of the devices that control all sectors of critical infrastructure were designed as stand-alone mechanisms. To clarify, these types of devices, such as programmable logic controllers (PLC), have been around for decades but were never connected – nor were they ever intended to be – to the Internet. While this evolution has brought ease of use and remote access, it opens the door to a whole new set of challenges.

These devices typically have up to 20-year lifecycles without being updated, upgraded, or patched. Malicious actors are finding ways to get these devices to do things they weren’t intended to do. Attacks against PLC devices are rivaling those of popular consumer-grade operating systems, garnering CVSS Base Scores that demand immediate attention.

A time for education and awareness

In order to overcome these challenges, education and awareness are key. These systems now need more than just physical security; they need Internet Protocol-based security, or, as it is more affectionately called, “cybersecurity.” Devices need to be updated or upgraded more frequently, and if that can’t happen, there need to be more stringent controls to block unwanted traffic from getting to these devices.

For example, a logic controller should only talk to a certain engineering workstation or Human Machine Interface (HMI). A PLC should only receive certain types of packets to determine if, for example, the valve should be on or off or set to a specific level. If an unexpected command is sent to the controller, such as a command causing it to spin faster than its normal operating threshold, that instruction should be dropped, logged, and flagged for further investigation.
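
The allowlist logic described above can be sketched as a default-deny filter placed in front of a controller. This is an added example, not code from the original article; the addresses, command names and limits are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed policy: every address, command name and limit is an assumption.
ALLOWED_SOURCES = {"10.10.1.20": "engineering-ws", "10.10.1.30": "hmi"}
ALLOWED_COMMANDS = {
    "set_valve": (0, 1),        # off / on
    "set_level": (0, 100),      # percent
    "set_pump_rpm": (0, 1800),  # normal operating threshold
}

@dataclass(frozen=True)
class Command:
    src: str
    name: str
    value: float

def evaluate(cmd):
    """Return (action, reason); anything not explicitly allowed is dropped."""
    if cmd.src not in ALLOWED_SOURCES:
        return ("drop", "source is not an approved workstation or HMI")
    limits = ALLOWED_COMMANDS.get(cmd.name)
    if limits is None:
        return ("drop", "command type is not expected by this controller")
    low, high = limits
    # Written so that NaN fails the comparison and is dropped as well.
    if not (low <= cmd.value <= high):
        return ("drop", f"value {cmd.value} outside {low}..{high}")
    return ("forward", "ok")

def filter_commands(commands):
    """Split traffic into forwarded commands and alerts for investigation."""
    forwarded, alerts = [], []
    for cmd in commands:
        action, reason = evaluate(cmd)
        if action == "forward":
            forwarded.append(cmd)
        else:  # dropped: record enough context for the analyst
            alerts.append({"src": cmd.src, "command": cmd.name,
                           "value": cmd.value, "reason": reason})
    return forwarded, alerts

# Constructed sample traffic, including an approved workstation that
# requests a speed above the operating threshold.
SAMPLE = [
    Command("10.10.1.30", "set_valve", 1),
    Command("10.10.1.20", "set_pump_rpm", 1500),
    Command("10.10.1.20", "set_pump_rpm", 3200),
    Command("203.0.113.7", "set_valve", 0),
    Command("10.10.1.30", "write_firmware", 0),
]

if __name__ == "__main__":
    ok, flagged = filter_commands(SAMPLE)
    print(len(ok), "forwarded;", len(flagged), "dropped and flagged")
    for alert in flagged:
        print(alert)
```

The third sample command comes from an approved workstation and is still dropped, because the value check applies regardless of who sent it.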

A logic controller that openly accepts commands from the Internet is extremely vulnerable. Equally, a compromised workstation that issues commands to a PLC is a problem. One of the key drivers of this exposure has been the COVID-19 pandemic. As people were forced to work from home, organizations had to rapidly enable their workforce to work remotely. Remote access has greatly accelerated the need for security. Prior to the pandemic, many of these companies strictly prohibited remote work, but they were forced to adapt in order to function. Many devices that were already IP based now needed to be controlled remotely for the first time. It was crucial to build that access securely.

As things begin to open up and resume under these new rules of working, there are three groups of mindsets:

  • The traditionalists who say that everything should go back to the way it was.
  • The futurists who say the time is now to continue working remotely and never go back to the office again.
  • Those who are somewhere in between.

It may be surmised that the majority of folks will fall somewhere in between. Given that the pandemic lasted far longer than anyone anticipated, organizations reluctantly began their digital transformation. Some opted to go all-out, and some slowly did the bare minimum to keep their businesses running. Thus, the need for more diligent cybersecurity is only going to grow. Organizations need to take a pragmatic approach by focusing on topics such as:

  • Understanding what devices they have on their network.
  • Understanding what devices are communicating to other devices, whether internally or externally.
  • Understanding the risk posture of those devices, whether it is based on vulnerabilities or how they are configured.

Based on those three points, there will then need to be a focus on mitigating the identified risks and ensuring the network is properly segmented and properly monitored.

The Center for Internet Security publishes the Critical Security Controls, which help organizations plan how to build their security programs in a simple and pragmatic manner. This is a great resource for people who are responsible for critical infrastructure and OT security to implement when building out their program. They can also partner with their counterparts on the IT side of the business to create synergies within the organization.

Evolution happens both out of necessity and to make our lives easier. In this case, the cybersecurity posture of critical infrastructure must evolve to be more secure. We have a long way to go before any of our ingenuity becomes a living fossil.

Discover how Tripwire helps secure critical infrastructure today: https://www.tripwire.com/solutions/industrial-control-systems.

The post “The Evolution of Securing Critical Infrastructure” appeared first on TripWire

Source: TripWire – Irfahn Khimji

Tags: CERT, COVID-19, Critical Severity, Goverment, TripWire, Vulnerability
