The Business Times

The real-world impact of cyberattacks

Dave Patnaik
Published Mon, Oct 17, 2022 · 10:25 AM

Gartner paints a sobering picture of the digital-first future, having forecasted that the current attacks on operational technology (OT) will evolve to more severe attacks by 2025. These predictions don’t seem far-fetched at all, with the 2021 ransomware attack on Colonial Pipeline demonstrating how the impact of a cyberattack could easily cross over into the real world.

OT security is highly relevant to South-east Asia, especially the Asean nations. The region is home to some of the world’s largest digital economies, with digitalisation representing a significant growth engine.

However, South-east Asia’s rapid digital transformation has also made it a highly attractive target for cybercriminals. Recognising the implications, countries such as Singapore have embedded OT security into their cybersecurity masterplans. Most recently, the Cyber Security Agency of Singapore launched scholarships aimed at bridging the talent gap, strengthening the country’s OT cybersecurity workforce and overall capabilities.

While OT and information technology (IT) were initially designed to function independently of each other, it is becoming commonplace to see these networks converge as organisations pursue higher operating efficiencies through the interconnectivity of systems.

However, this also opens the door to a whole new area of security risks. If not managed properly, threat actors can leverage IT networks to access and exploit vulnerabilities of previously isolated OT systems.

The Current State of OT Security 

The IT-OT convergence has seen the rise of attack methods aimed at shutting down critical OT networks, appropriately termed disruptionware. Typically originating in IT networks, the key objective of disruptionware is to suspend essential operations or undermine safety by disrupting key processes governed by OT.

While cybersecurity is increasingly becoming an essential business requirement, the focus remains overwhelmingly placed on the protection of IT networks. The end result is that many organisations today are still operating with inadequate OT security frameworks, impacting their ability to properly protect critical functions governed by these systems.

Further complicating risk management efforts is a tendency to downplay vulnerabilities within OT systems.

Showcasing the scale of the issue, Forescout recently uncovered a set of 56 vulnerabilities affecting devices from 10 major OT vendors, all of which stem from insecurely designed functionality. These identified vulnerabilities could serve as attack vectors for threat actors in the age of IT-OT convergence, allowing for credential theft, remote code execution and firmware manipulation.

Ensuring Safety in the Next Generation of OT Networks

As IT-OT convergence becomes prevalent, holistic cybersecurity strategies will need to be adapted to this newly connected environment for organisations to securely realise the benefits of interconnectivity. 

Network segmentation, a core component of Zero Trust, splits a network into multiple smaller sub-networks, compartmentalised according to their security requirements, so that a potential cyberattack is contained and cannot spread.

The foundation for effective and dynamic network segmentation lies in strong visibility. Having an accurate, detailed, and up-to-date inventory of devices connected to the network allows security teams to fully understand what devices sit within their network environment and how they are interacting with each other. Some basic principles include:

Knowing the state of your network environment:

  • How are devices interacting with each other? What protocols are being used? 

  • Does every device need to be on the same network?

  • What is the current software version compared to what you have deployed? 

  • If there are changes to be made, how will this impact any of the above?

Disabling access to services or software not needed. This could be local to the endpoint or upstream by using network segmentation.

These principles provide the context necessary for accurate segmentation of devices, allowing security teams to assign appropriate security policies that prevent intruders from moving laterally to other networks or devices.
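As an added illustration (not part of the original article, and not code from any vendor product), the sketch below applies these questions to a small inventory: it flags software versions that differ from what was deployed, services that are listening but not needed, and flows that cross a segment boundary without a policy allowing them. The device names, zones, versions, flows and policy table are all constructed assumptions.

```python
# Added example: audit a device inventory against the visibility questions above.
# All device names, zones, versions and flows are constructed sample data.
from dataclasses import dataclass

@dataclass
class Device:
    name: str
    zone: str                 # segment the device is assigned to
    running_fw: str           # version observed on the device
    approved_fw: str          # version the team believes it deployed
    listening: frozenset      # services observed listening
    required: frozenset       # services the process actually needs

INVENTORY = {d.name: d for d in [
    Device("plc-01", "ot-control", "2.1.0", "2.3.1",
           frozenset({"modbus", "http", "telnet"}), frozenset({"modbus"})),
    Device("hmi-01", "ot-supervisory", "5.0.2", "5.0.2",
           frozenset({"rdp", "opc-ua"}), frozenset({"rdp", "opc-ua"})),
    Device("erp-app", "it-corp", "11.4", "11.4",
           frozenset({"https"}), frozenset({"https"})),
]}

# Observed flows: (source, destination, protocol)
FLOWS = [("hmi-01", "plc-01", "modbus"),
         ("erp-app", "plc-01", "http"),
         ("erp-app", "hmi-01", "opc-ua")]

# Segmentation policy: (src zone, dst zone) -> protocols allowed across the boundary
ALLOWED = {("ot-supervisory", "ot-control"): {"modbus"},
           ("it-corp", "ot-supervisory"): {"opc-ua"}}

def audit(inventory, flows, allowed):
    """Return (kind, subject, detail) findings for drift, extra services, bad flows."""
    findings = []
    for d in inventory.values():
        if d.running_fw != d.approved_fw:
            findings.append(("version-drift", d.name, f"{d.running_fw} != {d.approved_fw}"))
        for svc in sorted(d.listening - d.required):
            findings.append(("unneeded-service", d.name, svc))
    for src, dst, proto in flows:
        pair = (inventory[src].zone, inventory[dst].zone)
        if pair[0] != pair[1] and proto not in allowed.get(pair, set()):
            findings.append(("cross-zone-flow", f"{src}->{dst}", proto))
    return findings

if __name__ == "__main__":
    for kind, subject, detail in audit(INVENTORY, FLOWS, ALLOWED):
        print(f"{kind:17} {subject:18} {detail}")
```

Each finding maps to a remediation named above: update or re-baseline the device, disable the service locally, or block the flow upstream at the segment boundary.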

Managing OT infrastructure often involves thousands of interconnected devices that monitor and control operations that were once manual. The complexity involved in monitoring OT networks can be greatly reduced by automating and orchestrating security operations across all assets on a single platform, which can:

  • Ensure existing security products are installed, running and up to date.

  • Provide insight into device, user and network context across different IT and security products, and enable operational teams to identify process operation issues early to avoid downtime.

  • Automate system-wide policy enforcement across disparate solutions.

  • Accelerate response actions to inform operators and contain identified threats, mitigating risks in a timely manner.

It is also essential to note that IT-OT convergence is not merely an integration of technologies, but also of teams and processes. IT security teams must incorporate the nuances of industrial environments as a key consideration. For instance, the scale, complexity, and mission-critical nature of OT such as energy grids often mean that it is not possible to take these systems offline to address vulnerabilities in the event of an attack.

The Road towards a Secure Digital-first Economy

To secure OT and ICS, organisations need to maximise visibility into their OT environments, tightening security across the entire enterprise. With proper visibility, segmentation, and orchestration of point solutions across the entire threat landscape, organisations can effectively identify and rebuff cyberattacks on their networks, and carry on operations with confidence.

The writer is VP of Asia Pacific & Japan at Forescout.
