Cyber security is more critical than ever for industrial control systems (ICS) and operational technology (OT) networks. These industries are being heavily targeted by nation-state threat actors in connection with the Russian attack on Ukraine and are included in the Shields Up warning from CISA.
Industry 4.0 has brought about a new era of manufacturing that relies on connected machines that communicate with one another. This technology has enhanced production considerably, but it also creates opportunities for hackers to steal sensitive information and interfere with manufacturing processes.
If you haven’t already, you need to change passwords, review your internal and external exposure, and shrink your footprint. If your servers need internet access or PDF readers installed, limit access to just those resources. Make sure you know what resources are hosted and exposed through your internet connection.
Ramping up basic cyber security activities like patching, MFA, least-privilege access, network segmentation, and limiting outbound traffic from your server infrastructure is very effective in stopping ransomware, DDoS, and man-in-the-middle nation-state attacks. Ensuring that you have complete network visibility into anomalous behavior will allow you to take quick action as well as monitor workstations for command-and-control activity.
Critical Shields Up Actions for ICS and OT:
(click on links for advisories providing in-depth mitigations)
Implementing a security platform that supports an evolving (as opposed to static) network baseline using unsupervised AI is critical to catching anomalous behavior and avoiding attacks. Managed services that apply anomaly detection across SCADA and automated manufacturing network devices, and correlate it with alerts on the corporate network, mitigate the risk of an impactful breach.
RAVENii offers managed services such as our SIEM Wave 3 Solution, which is powered by MixMode and is the only solution on the market utilizing 3rd Wave Artificial Intelligence. MixMode is a revolutionary AI-focused Cyber Security Company using patented third-wave AI originally developed for projects at DARPA and the DoD. MixMode’s AI-Powered Network Traffic Analytics Platform provides deep network visibility and predictive threat detection capabilities, enabling efficient real-time and retrospective threat detection and visualization.
RAVENii can help you get your Shields Up with our advisory program and other managed security services like Security Awareness & Phishing Testing, Network Security Monitoring, and Multi-Factor Authentication.