Category Archives: TAG Cyber

The future of OT security in critical infrastructure

Both the likelihood and consequences of cyberattacks to OT/ICS components continue to grow for modern industrial operations. While current advances in OT/ICS cyber security are impressive, new approaches are needed to gain defensive advantage over already-capable cyber adversaries, to keep up with new OT/ICS technologies, and to serve business risk management needs in increasingly-demanding, competitive environments. In all these cases, progress only comes when both IT and OT stakeholders can (1) correctly assess current and … More

The post The future of OT security in critical infrastructure appeared first on Help Net Security.

Industrial cybersecurity: Protecting OT from IT

A powerful technique for protecting OT from IT, or to enforce whatever separation is required to ensure the integrity of industrial control infrastructure, involves controlling the direction of traffic into or out of an ICS enclave. At first glance, it might seem counterintuitive to restrict bidirectional traffic between OT devices and management systems, but closer inspection reveals that across IT/OT interfaces, almost all data flows are from OT to IT systems, and hardware unidirectional flow … More

The post Industrial cybersecurity: Protecting OT from IT appeared first on Help Net Security.

SCADA vulnerabilities in ICS architectures

A major challenge in industrial control system architecture involves the dual nature of its underlying technologies. That is, a typical ICS component must have the capability to exchange information with both IT and OT systems across designated network or system interfaces. This is different from traditional industrial devices like heat pumps, actuators, and motors that were previously only accessed and controlled by OT systems, usually either analog or electro-mechanical. So, today the existence of two … More

The post SCADA vulnerabilities in ICS architectures appeared first on Help Net Security.

How hackers exploit critical infrastructure

The traditional focus of most hackers has been on software, but the historical focus of crime is on anything of value. It should come as no surprise, therefore, that as operational technology (OT) and industrial control system (ICS) infrastructure have become much more prominent components of national critical infrastructure, that malicious hacking activity would be increasingly targeted in this direction. It also stands to reason that the salient aspects of hacking – namely, remote access, … More

The post How hackers exploit critical infrastructure appeared first on Help Net Security.

An overview of the OT/ICS landscape for cyber professionals

Most cyber security professionals take for granted the information technology or IT nature of their work. That is, when designing cyber protections for some target infrastructure, it is generally presumed that protections are required for software running on computers and networks. The question of whether some system is digital or even computerized would seem to have been last relevant to ask in 1970. We all presume that everything is software on CPUs. The problem is … More

The post An overview of the OT/ICS landscape for cyber professionals appeared first on Help Net Security.