September 2021

Interconnected factory networks need proper network segmentation to reinforce security. Network redundancy is also needed to ensure the availability of control systems. 27 www.drivesncontrols.com September 2021 CYBERSECURITY n segregate a network into smaller sub-networks. This allows the virtual patch function of an IPS to help mitigate the risk of known vulnerabilities. For example, some systems might be operating on Windows XP, for which Microsoft no longer provides security updates. In this scenario, even though there are known vulnerabilities, it may not be feasible to perform security updates. Remote desktop protocols are sometimes exploited to spread malware or to conduct unauthorised activities. As remote connections have become increasingly common – due to the need to increase operational efficiency and to perform troubleshooting quickly – it is unsurprising that building security boundaries between two field sites is talked about more frequently. Instead of using software to build the remote connections, which can lead to long-term vulnerabilities, it is highly recommended to build VPN tunnels and ensure that access control mechanisms are maintained properly. As business owners can no longer enjoy the benefits and security of completely air-gapped networks, it is imperative to enhance security boundaries through different approaches including network segmentation, micro-segmentation, and secure remote access. Each of these approaches fulfils different network requirements and helps enhance cyber-security, not just forming the perimeter protection but also preventing lateral movement of unauthorised traffic. n A Russian cyber-research firm, PositiveTechnologies, has reported that industrial companies were the second-most targeted sector by cybercriminals during 2020. It also found that external attackers can penetrate corporate networks at 91%of industrial organisations.“Penetration testers”working for the company were able to access to the ICS (industrial control system) networks at 75%of these companies. Attack vectors for accessing critical systems can be simple, but the potential damage can be severe. Once criminals have gained access to ICS components, they can shut down production lines, cause equipment failures, initiate chemical spills, and even trigger accidents that could harm or kill employees. “The level of cyber-security at most industrial companies is too low for comfort,” says Olga Zinenko, a senior analyst at Positive Technologies. “In most cases, Internet- accessible external network perimeters contain weak protection, device configurations contain flaws, and we find a low level of ICS network security and the use of dictionary passwords and outdated software versions present risks.” The report says that, once inside a network, attackers can steal user credentials and obtain control over the infrastructure. At 69% of companies they can steal sensitive data, including information about employees, email correspondence, and internal documentation. At the 75% of industrial companies whose networks Positive Technologies was able to penetrate, they could also access ICSs in 56% of the cases. According to the researchers, industrial organisations attract criminals because of their size, the importance of their processes, and their impact on the world and people’s lives. The report suggests that the main threats are espionage and financial losses. Although security specialists aim to identify possible consequences of cyber- attacks, and to build security systems based on this knowledge, company managers are not keen on actions that could negatively affect their companies’operations. Protecting industrial networks requires modelling of critical systems to test their parameters, verify the feasibility of business risks, and detect vulnerabilities. But assessing possible cyber-incidents in real-world infrastructures is almost impossible. Positive Technologies recommends that industrial companies should use security specialists to verify the cyber-events that are unacceptable to their businesses, evaluate their implications, and assess possible damage without disrupting their processes. https://www.ptsecurity.com/ww-en/analytics/ics-risks-2021 Hackers ‘can access networks at 91% of industrial companies’ Security boundaries can protect production lines without affecting other systems when cyber-security incidents occur Images courtesy of Moxa