In light of the news that The Department of Energy is planning a test of the real-world consequences associated with successful cyberattacks against core country services, please find below comment from David Emm, Principal Security Researcher at Kaspersky Lab.
David Emm, Principal Security Researcher at Kaspersky Lab:
“Critical national infrastructure is increasingly embracing digital transformation, introducing Industrial IoT (IIOT), ubiquitous wireless networks and connected devices to enhance productivity and operational efficiency. However, with this innovation comes a number of cybersecurity challenges that need to be understood and addressed.
There is a lack of understanding about the level of cyber-risk associated with growing connectivity in the infrastructure industry. Our research has found that sixty-one per cent of those asked consider the implementation of IoT in their ICS/OT systems to be a minor cybersecurity challenge or no challenge at all.
Kaspersky Lab advises the following tips to stay safe:
- Regularly update operating systems, application software and security solutions on systems that are part of critical infrastructure
- Restrict network traffic on ports and protocols used on edge routers and inside operational technology (OT) networks
- Audit all access controls within the network and at the perimeter
- Implement dedicated endpoint protection solutions to secure OT and infrastructure from random cyberattacks
- Deploy network traffic monitoring, analysis and detection solutions for better protection from targeted attacks
- Audit policies and practices related to the use of removable media and portable devices
- Provide training and support for employees as well as partners and suppliers with access to your network.”