Hardening Remote Access a Must for OT

July 8, 2024 – Published on Nexus

Attacks on operational technology (OT) and industrial control systems (ICS) are rising. New research shows attacks on OT systems increased from 49% of organizations in 2023 to 73% this year, and the percentage of organizations that experienced more than six intrusions in the past 12 months leapt from 11% to 31%. Because of increased connectivity and investments in digital transformation, remote access attacks will likely remain high.

Earlier this year, the Cybersecurity & Infrastructure Security Agency (CISA) and the FBI announced that they responded to several U.S.-based wastewater system operators that experienced what is being described as “limited physical disruptions” from a threat actor that gained remote access to human-machine interfaces (HMIs). 

Due to the high-stakes nature of OT/ICS environments, securing remote access is crucial as breaches can lead to manipulation of OT systems, including equipment damage, production disruptions, environmental hazards, and even risk to human safety. 

Chris Warner, senior security consultant at GuidePoint Security, advises organizations to implement network segmentation to isolate OT networks from business networks and from having direct access to the Internet. “Use firewalls and access control lists (ACLs) to enforce strict traffic control between network segments. Further, develop micro-segmentation designs and work to build enclaves and safe-restart zones,” Warner says.

Read More HERE.