In cybersecurity, there are two worlds. There’s IT or information technology, with its databases and business systems. And there’s OT or operational technology, with its consumer, medical, industrial, and other equipment. OT can be light years away in looks, functionality, and behavior from IT’s office servers, PCs and mobile computing devices. So, if you’re starting to work on OT cybersecurity, you may be in for a few surprises. Here are seven (and-a-half) things to know to help you get it right.
1. Glorious isolation.
In the past, there was not much need for OT installations or machines to be connected to the external world. Internal industrial or hospital networks existed, but often with no link to the outside. As a result, there was no protection in place when connectivity started to become important.
2. A culture of reliability, more than confidentiality.
Staff working with OT installations may be obsessed with the equipment working properly, while paying little or no attention to security (see ‘Glorious isolation’, above). People are critically important in any security setup. Be prepared to educate as needed.
3. Hard-coded security data.
Devices connecting to the Internet of Things (IoT) often have a poor reputation when it comes to access protection. Many of them only have a fixed ID and password, often printed for all to see in the device manual. Manufacturers are slowly improving, but watch out.
4. Delicate timing mechanisms.
OT is all about the real world, where moving parts and operations must synchronize precisely. Trying to bolt on cybersecurity software or hardware may introduce delays that wreck these timing mechanisms. In some contexts, such as critical patient care, the consequences could even be fatal.
5. Unprotected protocols.
On the web, many consumers know how important secure connections are, for instance when making online payments. However, in the OT world, secure network protocols may be few and far between. In fact, some widely used industrial protocols have little or no security.
6. ‘If it ain’t broke, don’t fix it’.
There’s a reason why there is often so much older equipment in OT installations: it works. Trying to upgrade the software of an OT system, even to improve security, can be painful. This is especially true when it is connected to other systems from other vendors (which is frequently the case).
7. Cyber-physical attacks.
It’s bad enough having confidential data stolen or damaged. However, in an OT installation, attackers might also shut down life support systems, stop heating and lighting from functioning, wreck production lines, open dam gates, and much, much more. Remember to factor this into your OT cybersecurity plan.
The good news is that with the right approach, you can eliminate or sufficiently mitigate the issues above. Now, here’s our remaining half-a-thing-to-know. While your OT machines and IoT devices may appear to be functioning properly and doing their job for you, they may have been infected by malware that makes them attack other systems. There have been high-profile cases recently, like the Dyn cyberattack, in which ‘hijacked’ IoT devices were used en masse to bring the target system down. So, don’t delay – use the information above to start putting your OT cybersecurity in order today.