Intelligent CIO APAC Issue 21 | Page 34

EDITOR’S QUESTION
GARY KINGHORN, SENIOR DIRECTOR PRODUCT MARKETING AT NOZOMI NETWORKS

A new generation of more sophisticated and well-funded attackers from nation states and large cybercrime affiliate networks view critical infrastructure as more vulnerable than traditional IT networks because of the damage it can inflict on the business, the economy, or even a whole country. Further, ransomware payments for successful attacks against critical sites have climbed into the tens or hundreds of millions of dollars each.

The vulnerability of critical infrastructure is well known. Its operational networks have traditionally been unreachable – or air-gapped – from IT users and the outside Internet, meaning security is not top of mind within their design. However, the proliferation of Digital Transformation and automated processes means they can now easily be accessed by remote users and applications directly through Wi-Fi, cellular or local area networks. Many ageing legacy environments have technical requirements that make them ill-suited for traditional IT security solutions, such as bandwidth and communication constraints, proprietary protocols and a lack of current research into common system vulnerabilities.

Industrial Internet of Things (IIoT) devices are playing a larger role in critical infrastructure, including surveillance cameras and process sensors, which run low-power, low-cost operating systems without the security posture and features of IT laptops and servers. And with potentially devastating consequences for bringing down a critical infrastructure provider, the geopolitical or monetary benefits to a potential attacker provide a strong motive.

But governments worldwide are starting to act. In the US, funds are being allocated – along with guidelines and mandates – to shore up the nation’s cyberdefenses in critical industries, starting with the utility and oil and gas sectors. Globally, law enforcement organizations like Interpol, Europol and the FBI are collaborating to take down massive international ransomware gangs, seize funds and recover data. But how can critical infrastructure providers best respond to mitigate potential future damage?

Nozomi Networks Labs’ semi-annual report on the state of critical infrastructure cybersecurity covers emerging attack trends and remediation tactics from the second half of 2021. Recommendations include deploying network segmentation as a way to contain the spread of malware, and a Zero Trust network philosophy to limit malicious activity in a more connected world.

Organizations should also look to reduce the available attack surface by removing known vulnerabilities, seldom-used services and applications, and reducing the number of credentialed users that can access systems.

Finally, improving network reconnaissance and monitoring with an understanding of normal process activity can help quickly identify potential threats and correlate anomalies to more efficiently prioritize alerts and remediation efforts.
A multi-pronged approach to cybersecurity, including knowing devices on your network, what versions of software and third-party libraries they are running with known vulnerabilities, and who or what they are communicating with, is vital to staying ahead of emerging threats in 2022 and beyond. This is the year to not get left behind.