Share this article on:
When it comes to IT security, the majority of effort tends to be focused on the systems, applications and data that sits at the centre of organisations. These resources need to be protected from attack or misuse at all times, Mark Lukie at Barracuda writes.
Increasingly, however, attention is also being given to the security measures protecting operational technology (OT) and the industrial internet of things (IIoT). These systems underpin everything from power grids and water networks to large-scale manufacturing and processing plants.
Attacks on such resources can have a significant impact on large numbers of organisations. If a power grid is knocked out, many thousands of businesses can experience debilitating and expensive disruptions.
Common attack vectors
To gain an understanding of the current situation when it comes to OT and IIoT, Barracuda commissioned a global research report. The report highlighted how attacks are taking place and the impact they are having on operations.
Of those surveyed in Australia, 43 per cent reported they had experienced web application attacks during the past 12 months. This was followed by API attacks (32 percent), compromised remote access (30 per cent) and ransomware (29 per cent).
This highlights the vital need for IIoT and OT security measures to ensure critical assets are protected. In many cases, this will require an increase in investment and staffing to maintain the protective tools and technologies.
The report found there is certainly considerable work that needs to be done. Overall, while 72 per cent of those surveyed said they had started work on establishing protective measures, less than a third have actually completed the task.
Interestingly, the oil and gas sectors are furthest ahead when it comes to completing IIoT and OT securing projects while agriculture, forestry and fishing are lagging well behind. In sectors such as biotechnology, chemicals and pharmaceuticals, only a fifth of survey respondents have completed their projects.
While the impact of OT and IIoT attacks can vary significantly between organisations, 46 per cent of Australian organisations said the attacks had a moderate impact while 38 per cent described it as minimal. Encouragingly, 100 per cent of those which had completed their protective projects said they had experienced no impact from a major attack at all.
Minimising the impact
When a cyber attack against OT and IIoT resources occurs, it is vital for an organisation to minimise the impact by preventing lateral movement through infrastructures. The most effective way to achieve this is through network segmentation.
The survey showed that only 34 per cent of Australian organisations have yet implemented segmentation between the IT and OT resources, despite this being what is usually the first step in improving protection. This shows there is significantly more work that is required.
A further step that should be taken is micro-segmentation. This isolates each single device or groups of devices which makes them far more difficult to compromise.
Another key step to minimise the impact of cyber attacks against OT and IIoT resources is through keeping all components fully patched and updated. According to the survey results, security updates are, on average, being applied every 1.25 months.
Public-sector organisations are leading the charge and are applying updates twice a month. Of those in other sectors, nearly a quarter update monthly while just 6 per cent confirmed they only apply updates every six months.
An ongoing challenge
It’s clear that the number and sophistication of OT and IIoT attacks are going to continue to increase. For this reason, it is vital that organisations do not delay the process of putting adequate protective measures in place.
The survey found that almost 90 per cent of Australian organisations have already experienced at least one security incident while 84 per cent reported that the incident had an impact on their operations for one day or more.
Encouragingly, the majority of organisations are already implementing OT/IIoT security projects and must continue to drive their progress to achieve the best possible protection. In this way, even as the number of attacks increases, the impact they have can be minimised.
Mark Lukie is the director of sales engineering - APAC at Barracuda.