Category Cybersecurity

In recent years, more enterprises and public utilities are leveraging 5G and Internet of Things (IoT) technologies to connect their industrial operation technology (OT) systems to the information technology (IT) systems or the Internet. This enables the operation data of factory machines and critical infrastructure equipment to be sent back to the IT systems instantly, making it more convenient to monitor and analyse their operation in real time, and even automatically adjust their operation parameters, so as to improve efficiency and productivity, and enhance management.

Previously, OT systems and IT systems were in two completely separated networks without any interconnection. OT systems have their own communication protocols such as Modbus, which are different from the TCP/IP protocol used in IT systems, making these two systems working independently without interaction. Nowadays, these two systems have gradually adopted the same standardised protocol or used Internet of Things (IoT) devices to connect the two systems and share data. In the future, OT systems and IT systems will be converged to bring automation and intelligence to the industry.

The convergence of OT systems and IT systems brings not only opportunities, but also new cyber security risks. One example is that once the two systems are connected, malware risks that only affect IT systems previously will now extend to OT systems.

Indeed, such risks are already materialising. According to an IBM report,  manufacturing industry suffered the most cyber attacks in 2021. Ransomware was one of the most common cyber attacks on OT systems. The reason was that OT systems help generate income. Once hackers use ransomwares to paralyse the operations of OT systems, organisations suffer heavy losses directly. The affected organisations are more likely to pay the ransom in order to resume operations. If the affected organisations are critical infrastructures sector, such as electricity, public utilities, transportation, etc., the impact will be extended to the public. Hackers can even coerce the affected organisations to pay a larger amount of ransom.

For example, in March 2021, hackers used the remote software TeamViewer to gain access to the computer system of Oldsmar in Florida, United States and tried to change the concentration of chemicals in the city’s water supply facilities, which was enough to seriously harm the human body.

This blog will discuss the security challenges of IT/OT convergence and the preparations before and after the convergence, and introduce measures to reduce the risks.

Read the full article: https://www.hkcert.org/blog/how-to-mitigate-new-cyber-security-risks-arising-from-the-growing-use-of-technology-in-industrial-operations

Source: HKCERT - https://www.hkcert.org/blog/how-to-mitigate-new-cyber-security-risks-arising-from-the-growing-use-of-technology-in-industrial-operations