OT security 5 tips on transfer data on OT networks
Von Galina Antova
In the last under year, we have a written record of Ransomware-Affiliates in the Network of Industrial Technology (OT). While this attitude in the public eye is very important, the experts have already given a certain time.
Advertiser for Theme
Bereits at the RSA Conference 2018 has a number of leading security experts from the public and private sector to a review of the topic of financial and destructive attacks. It is also possible to provide, in addition to the state-of-the-art OT-Networks and Visier: 2017 saw NotPetya, that the unplanned transcripts of Ransomware on OT-Networks (Spillover-Effect). With a number of multinational companies in the unparalleled branches of the company for the benefit of the health sector, the energy sector and the transport industry. The damages cost him 10 billion US dollars. It was only a question of time, cybercrime, that the OT network for the company was determined and that the most important things were.
OT Netze is the backbone of many companies
If you pay attention, the company is directly responsible for the fact that their OT networks work free of charge. When Ransomware-anriffe speziell auf industrijulle Umbebungen abzielen, kann dies zu Störungen dieser Systeme führen und hat damit Auswirkungen auf da Kerngeschäft des Unternehmens. Soar wenn die dieteiber nur teilweise den Einblick in die Netzwerkaktivität verlieren, sind oftmals Absluklungen aufrund von Bedenken bezüzlichich der Produktqualität od der funktionellen Sicherheit (safety) erforderlichch. Finally, there is a risk of physical interference in productivity and productivity and in some cases also for a person for men.
Take advantage of different tactics and techniques, one company to infiltrate. You can also use the Spearphishing access to the IT network to access and network the OT network, or search for direct connections to the Internet to enable you to use this user. Von dort aus steht die Tür offen, um mittels Ransomware Daten z verschlüsseln. Leider is not a member of the public, but he is also a member of the Ministry of Health, but he has never been involved in the OT network.
Cyber resilience is strong
Designation of the digital transformation and construction of the remote work area is a great opportunity to build the infrastructure. Affiliates on this infrastructure are removable, but they are also extremely difficult. And this situation will be maintained, that the OT networks are connected to the IT infrastructure. The companies are built from good grounds to their hyperconnectivity from: A specific connection of the existing systems is considered to be a highly efficient and profitable system. Encouraging is due to the fact that these connections are also safe. Here you can see the tips for tips.
Tip 1: Expand Your Risk Management Governance to All Cyber-Physical Devices
It also provides all components of the IoT industry, industrial control systems (ICS) and IoT companies. Dieser Schritt ist vor allem deshalb eine große Herausforderung, da es nicht einfach ist, diese Assets überhaupt zu identifizieren. This process can be reversed. Here you can find the most common solutions to the provision, the companies can help you, you can easily find and profile your profile, risk and success.
Type 2: Set up a segmented segmentation between IT and OT networks
There are many business processes and applications that communicate between IT / OT borders. Daher must be sure, that is sure to be sure. This simple letter is really self-explanatory. Depending on the IT / OT segmentation, a virtual segmentation is provided for the zones within the OT environment. The service at the location of the lateral movements is within the OT network. If you work from the company directly on the OT network, you can also use the OT network to ensure that you have a safe connection with strict controls for users, devices and services.
Tip 3: See you for a good Cyber hygiene
Stellen Sie sicher, dass sie auch OT- und IoT-Geräte umfasst. Here you will need to secure your password (and the collection of the same use of passwords by different users, which is in the industry to be a failure), a password safe and a multi-factor authentication. Einige Prozesse, wie z. B. das Patchen von Altsystemen, sind möglicherweise swwierig oder gar nicht möglich. When this fall is over, you can compensate and implement compensatory controls and firewall controls and control checklists. Some security providers provide free tools for availability. If you find yourself in the Alliance for Cyber Security, pay attention to the information and instructions that we have in particular. The US-American Agency for Cyber Security and Infrastructure Security (CISA) also provides a number of free tools, discounts and tests, and the management of the company is limited.
Type 4: Implement a robust system monitoring
Sowohl IT- as well as OT-Networks and everything, was this border overdue, must be on duty overhauled. Agent-specific solutions, especially for continuous monitoring of employees in the OT network, are fully implemented, can be implemented quickly, can be easily used in OT and IT systems and equipment and staffing teams. Surveys are shared. On the basis of the information provided, these teams are able to increase the number of risk-taking measures, and to reduce and reduce new risks.
Tip 5: Create an Incident Response Plan and report an accident
The transmissions of the transmissions on the Ransomware-Affiliates can be found, your organizational and technical precautions can be taken into account. On these days the cannon plan can be optimized and the new areas can be built and given to your resilience.
Ransomware attacks include pipelines, production facilities and food supply. Und obwohl keiner dieser bislang bekanntgewordenen Anriffe die OT-Umgebung direkt getroffen zu haben scheint, ist dies nur eine Frage der Zeit. See you soon and know the tools and tools that are available to you. With a couple of simple, basic treats, the risk of a ransomware attack on industrial environment is limited.
About the author: Galina Antova is Mit-Grunderin and Chief Business Development Officer of Claroty.