Page 122 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022

Converging Operational and Information Technology

Historically, critical infrastructure sectors relied heavily on operational technology (OT) rather than
information technology (IT). Until recently, OT systems ran on proprietary protocols and software, lacked
automation, required manual administration by people, and had no external connectivity. Today, the OT
landscape is increasingly converging with IT systems. However, OT professionals and IT experts often
lack a comprehensive understanding of their counterparts, which further complicates an already
precarious union.

Convergence allows for revolutionary new capabilities and efficiencies, such as the ability for OT systems
to produce valuable data analytics. However, the shift from largely closed systems to open ones has
generated myriad cybersecurity risks. In fact, cyberattacks against critical infrastructure skyrocketed
2,000% in 2019. Vulnerabilities were further exacerbated by the global shift to remote work
post-pandemic.

The need for employees to connect remotely to OT systems from personal devices on their home
networks meant even fewer security controls were in place on the IT end when compared to traditional
corporate environments. These remote connections have blurred the IT-OT segmentation and expanded
the attack surface by providing new entry points for hackers to exploit.



The Air-Gap Argument

Some could reasonably speculate that the benefits of convergence are not worth the potential cost,
and instead argue for a practice known as “air-gapping,” in which OT and IT systems are completely
segregated and the OT system is entirely isolated from the outside world. However, in our modern, digital
world, an air gap is nearly impossible to maintain, and accidental convergence should be anticipated.

For example, electromagnetic radiation, FM frequency signals, thermal communication channels, cellular
frequencies, near-field communication (NFC) channels and even LED light pulses can expose critical
systems to malicious activity. Something as innocuous as an external laptop being used as an HMI or a
USB thumb drive used for OT purposes can accidentally converge an IT and OT system, opening the
door for serious exploitation.

Therefore, organizations that adhere to an air-gapped security model are the most at risk because they
do not implement any additional security measures. As such, convergence is inevitable, and largely
beneficial, when executed securely.

As industrial systems become further intertwined with IT, they become increasingly vulnerable. Many
have opted to use Virtual Private Networks (VPNs) to secure their OT infrastructure, but VPNs lack the
advanced security features, visibility, and scalability necessary to fully protect a converged system.











