Protecting IoT devices and OT Networks from a Cyber Pandemic

Watch our webinar on Wednesday 17 June and discover how Check Point’s ICS security solution makes it easy for enterprises to protect their critical infrastructure and operations

By, Mor Ahuvia, Product Marketing, Security Platforms

During the Covid-19 pandemic, enterprises rapidly moved to mass remote-working – which also expanded their attack surface and affected their ability to secure their networks. A recent World Economic Forum analysis showed that cyber-security operations globally are under immense pressure, which has significantly increased every organizations’ exposure to cyber-threats. And this includes the organizations running the critical infrastructure which supplies power, water, oil and gas to our homes, businesses, hospitals and schools. It also includes the manufacturers that make the products we all buy, from foodstuffs to medicines to cars.

Put simply, the stage is set for catastrophic cyber-attacks against the industrial control systems (ICS) and operational technology (OT) which run the processes that we all rely on.  If successful, these attacks could cause power blackouts across cities or regions, or disrupt production of critical products – such as an important drug treatment.

Cyber-attacks go critical

If this sounds a little extreme, then here are just two recent examples of attacks against critical infrastructure, ICS and OT.

  • In April, a water-pumping station in central Israel experienced an attack intended to raise chlorine levels in drinking water to the point where they would be hazardous to health. The attack used malicious code developed by a nation-state.
  • In May, a company integral to the UK’s electricity grid was hit by a ransomware attack, disrupting its operations for over 24 hours – luckily, not affecting electricity supply. Also in May, the U.S. President signed an executive order that declared foreign cybersecurity threats to the country’s electricity system a national emergency.

These attacks are merely the tip of the iceberg.  IBM’s 2020 Threat Intelligence Index showed that targeted attacks against ICS and manufacturing systems increased over 2,000% in 2019, often involving nation-states or using ransomware to damage critical operations. The SANS 2019 State of OT/ICS Cybersecurity Survey showed that 61% of incidents disrupted organizations’ OT, affecting production processes.

The problem is that securing today’s critical infrastructure, ICS and manufacturing systems against cyber-attacks is more challenging than ever before, as companies embrace ‘Industry 4.0.’  This is the combination of traditional manufacturing and industrial IT and practices with the latest smart technology, such as IoT and M2M communications to enable automated, smart processes.  Networks have expanded hugely, with tens of thousands of new, intelligent devices – which means thousands of new points of vulnerability. It also means that an attack can spread from an employee’s laptop or mobile device, and spread to its OT and manufacturing systems.  The risk of a malware or zero-day attack exploiting this vector is even higher during the remote working enforced by Covid-19.

Averting the perfect storm

Given this ‘perfect storm’ of cyber-risk factors, it is essential that we secure our critical infrastructures, OT and manufacturing systems in all environments, from the shop floor and field, to the cloud.  We need to stop threats targeting vulnerabilities in the OT systems and devices themselves, and also prevent threats from targeting employee laptops and mobiles then spreading to OT to disrupt and damage operations.

To find out how to do this, join our webinar on Wednesday June 17th  to learn how Check Point’s new ICS security solution makes it easy for enterprises to protect both their IT and OT networks, and critical infrastructure, and prevent attacks from impacting operations.  The Covid-19 pandemic will pass in time, but it’s effects on our IT and OT security continue to be felt.  Our webinar will show how those risks can be eliminated.