News broke earlier today that Ciaran Martin from the National Cyber Security Centre warned the threat of cyberattacks on Britain’s critical national security infrastructure from hostile states like Russia and North Korea has soared over the last two years.
Edgard Capdevielle, CEO at Nozomi Networks:
“The NSCS warning of the rise in the number of cyberattacks to the nation’s critical infrastructure is another reminder of the dangers of those threats, which puts both IT and OT networks at risk.
“Earlier this year, Nozomi researchers embarked on a project to create a security testing tool, using OSS, capable of automatically finding vulnerabilities in proprietary protocols used by ICS devices – such as PLCs, remote terminal units (RTUs), etc. Using just this OSS tool, Nozomi’s researchers could identify eight zero-day vulnerabilities within PLCs affecting a number of vendors – including Wago, Siemens, Schneider, Emerson and GE. The discovery time was as little as a few hours, although some took significantly longer to be identified.
In all cases, the tool found at least one vulnerability per device. The potential attacks that could be launched against the devices varied – from the shutdown of the controllers (DoS) to being unable to manage the devices through their software and potentially the corruption of normal processes which could be extremely serious.
“As attackers continue to employ innovative tactics and create even more sophisticated cyberattacks, defenders must be equally resourceful. Solutions are available now that can help IT and OT teams work effectively to see and secure their industrial networks. The key to mitigation is achieving real-time visibility and rich integrations with existing cybersecurity infrastructure. Critical infrastructure threats are real and for organization to successfully mitigate the risks they need to speed up the collaboration between IT and OT.
“In addition, innovation and implementation of advanced cybersecurity technologies, such as machine learning and artificial intelligence, are an important step toward safe and reliable critical infrastructure. By establishing a baseline of ICS network communications and conducting active monitoring for anomalies, anything that detracts from expected behavioural patterns can be flagged and addressed.”