Operational Technology and cyber-physical security challenges

OT Security

What is Operational Technology (OT)?

 

OT is everywhere around us.  It enables modern society, by delivering critical infrastructure such as electricity and water, managing complex transportation networks, delivering advanced health care capabilities, manufacturing our goods, producing and distributing our food and medicines, and regulating our environments.  OT uses specialised hardware and software to monitor and control physical processes.  

OT however cannot stand up to basic cyber threats when connected to traditional IT networks.  IT cybersecurity responses simply do not work in OT environments due to the different design principles for OT that favour availability and safety over confidentiality and privacy which are often top concerns in the IT space.

 

What is OT Security?

 

In order to understand OT security and its challenges, it helps to contrast it with traditional IT security.  In terms of objectives,  IT security is geared to ensure that confidentiality, integrity, and availability of information (the CIA triad) are maintained, with privacy considerations pushing the confidentiality requirement to the top.  In OT networks, safety, reliability and availability are of primary concern.  This turns the CIA triad (mentioned above) upside down, as human life, asset protection and outcome are often tied to the uninterrupted functioning of OT-managed processes.  

As a simplified model, the risk tied to cyber-physical exposure can be considered as follows:  Threats may exploit vulnerabilities in assets, systems or processes to create an undesirable impact.  This risk may be managed by eliminating the threat, reducing the vulnerability or lowering the potential impact.  In practice (both IT and OT), responses usually revolve around reducing vulnerabilities.  This is also where the main similarities between IT and OT are found, ie. in the vulnerability part of the equation.  Both IT and OT are based on technology and as such are exposed to code vulnerabilities, configuration vulnerabilities, weak identities and insecure protocols.

Mature IT practices can address these vulnerabilities in IT networks through patching, configuration hardening, identity management tools and replacing insecure protocols with secure encrypted alternatives.  In many OT environments, these practices are not possible.  Patches may not be available where legacy devices are in play, or it may not be desirable to apply such patches due to the potential negative impact on availability.   Configuration hardening may break interoperability between vendor components, identities are fragmented across devices with embedded or even hard-coded authentication that cannot be centrally managed, and insecure Industrial Control protocols are commonplace.

The table below summarises the challenges in applying IT-type controls in OT environments:

Vulnerability category

IT response

OT challenges

Code vulnerabilities

Automated patching

Patches are mostly not available. Where available, patching requires firmware upgrades with the potential to disrupt availability.

Configuration vulnerabilities

Secure configurations out of the box

Hardening configurations break inter-operability with a high potential to disrupt availability

Weak identities

Single Sign-On, Multi-factor authentication, Privileged Access Management etc.

Identities are fragmented with different capabilities to secure depending on the vendor, often hard-coded or with inadequate role segregation.

Protocol / design vulnerabilities

Secure encrypted authenticated alternatives (e.g. https vs http, ssh vs telnet)

Pervasive unauthenticated and unencrypted ICS protocols, allow instructions to be sent to end nodes with only routable network access as a requirement.

 

Lastly, the threat actors in OT networks also have a different profile from IT networks.  Data breach investigations in IT  frequently confirm financial gain and espionage as primary motivations for attacks on IT networks, mainly driven by Organised Crime.   Although Organised Crime groups are shifting focus to OT networks with multiple cases of ransomware disrupting production lines and healthcare facilities, OT is also actively targeted by Hacktivists and Nation States in a much more persistent manner.

Based on these factors, a different way of thinking and approach to OT security is required.  Cybersplice subscribes to the vulnerability shielding methodology.  Vulnerability shielding disrupts the kill chain by removing the ability of the attacker to exploit vulnerabilities.  This has proven to be an effective approach in OT environments where devices are inherently insecure due to the reasons described above.

Applications
scada
INDUSTRIAL AUTOMATION AND CONTROL SYSTEMS

With Splice, there is no need to touch the actual equipment or code.

ics
SCADA

Splice overcomes device and controller vulnerabilities by building vulnerability shielding, authentication, authorisation and access controls into the network layer.

emb
PLC / DCS

Splice logically isolates targets in an encrypted overlay network for centralised profiling, segregation and Intrusion Detection. ​

iot
BIOMEDICAL, I-IOT AND EMBEDDED

Splice enables sensitive real-world interfacing devices to co-exist securely inside existing IT networks.