Intelligent CISO Issue 42 | Page 46

industry unlocked
backed hacker gangs like DarkSide, compromised supply chain vendors like Pulse Connect Secure, or from insider threats like disgruntled or negligent employees. These insider attacks are typically harder to detect and prevent than external attacks.
A Ponemon Institute study published in January 2021 found that insider cybersecurity incidents have risen 47% since 2018 and the average annual cost of an insider-caused breach also increased, up 31% to US$11.5 million.
One issue that utilities run into in preventing such attacks is that both IT and OT systems have not kept pace with security requirements, firmware and software updates, which can create an easy entry point for hackers. When combined with an increasing number of both IT and OT connected devices, this creates the perfect storm for a breach.
Why utilities need Zero Trust device-level security
Given the vulnerability of legacy OT devices, the nature of APT attacks on these devices and the diverse sources these attacks have stemmed from, critical infrastructures and OT operators must ensure that each device they roll out or integrate into their network is itself impermeable. This can only be guaranteed by introducing Zero Trust device-level security that protects connected devices like smart meters from all attack vectors through installation, implementation, maintenance and future upgrades.
One way of doing this is to introduce a solution with an embedded software gatekeeper within the device that will provide Zero Trust and passive prevention against outsider, supply chain and insider APT threats by automatically rejecting all changes unauthenticated by a trusted external server. This prevents persistence and maintains the device integrity because bad actors will not be able to inject their code into the nonvolatile memory and impact the device’s functionality. This will not stop future hackers from trying to breach converged IT/OT systems, but it will at least secure the most vulnerable potential points of attack while using limited computing power, and it will prevent devices from being used as attack points on other systems. Not least, it protects the investment in the assets themselves and their operational capability.
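The gatekeeper idea described above can be modelled in a few lines. This is an added example, not code from the article or from any vendor's product; it assumes the trusted server authenticates each change with an HMAC-SHA256 tag under a per-device key, and every name in it (FlashGatekeeper, server_approve, the message layout) is hypothetical.

```python
import hashlib
import hmac
import struct


def approval_msg(device_id: bytes, counter: int, offset: int, data: bytes) -> bytes:
    # Bind an approval to one device, one counter value, one offset and one payload.
    header = struct.pack(">HQI", len(device_id), counter, offset)
    return header + device_id + hashlib.sha256(data).digest()


def server_approve(key: bytes, device_id: bytes, counter: int, offset: int, data: bytes) -> bytes:
    """Trusted-server side: issue the tag that authorises exactly one change."""
    return hmac.new(key, approval_msg(device_id, counter, offset, data), hashlib.sha256).digest()


class FlashGatekeeper:
    """Default-deny guard in front of a device's nonvolatile memory (model only)."""

    def __init__(self, device_id: bytes, key: bytes, size: int):
        self.device_id = device_id
        self._key = key                # assumption: per-device key provisioned at manufacture
        self.flash = bytearray(size)   # stands in for nonvolatile memory
        self.last_counter = 0          # monotonic counter defeats replayed approvals
        self.rejected = []             # (counter, offset, reason) records for monitoring

    def write(self, counter: int, offset: int, data: bytes, tag: bytes) -> bool:
        reason = None
        if offset < 0 or offset + len(data) > len(self.flash):
            reason = "out of range"
        elif not self.last_counter < counter < 2**64:
            reason = "bad counter"
        else:
            expected = hmac.new(self._key,
                                approval_msg(self.device_id, counter, offset, data),
                                hashlib.sha256).digest()
            if not hmac.compare_digest(tag, expected):  # constant-time comparison
                reason = "bad tag"
        if reason:
            self.rejected.append((counter, offset, reason))
            return False               # nothing reaches flash without a valid approval
        self.flash[offset:offset + len(data)] = data
        self.last_counter = counter
        return True
```

A fielded device would more likely verify an asymmetric signature against a public key in ROM, so that extracting one device's key material does not let anyone forge approvals; the default-deny structure and the rejection log stay the same.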
As the threats to utilities and critical infrastructure grow, it is essential for decision-makers to prioritise investment in both IT and OT security before they become victims of a devastating attack that can create far-reaching problems for their companies, customers and even the world.