OT cybersecurity is an essential part of defending industrial and critical infrastructure. With the increasing connectedness of OT environments and the convergence of IT and OT, attacks against these environments have escalated in recent years.
There are several reasons for this. One is that OT is at different states of maturity across different types of organizations. Another is that the vulnerabilities of these environments are largely unknown to the organizations that run them. The third is the critical nature of the infrastructure, such as energy and utility or manufacturing plants, which makes it an attractive target for nation-state hackers or ransomware groups.
“One of the challenges is that organizations don't have an accurate view of their current asset landscape and the vulnerabilities that are present in those assets. Not every organization is at the same level; some have greater visibility than others. But the vulnerabilities that exist in these assets are a big gap where organizations have challenges,” says Srinivasan Sreekumar, Practice Director - Cloud and Infrastructure Security at HCLTech.
The need to protect the OT environment
The OT environment supports critical infrastructure, which must be protected, because disrupting these services impacts people.
In some recent incidents, oil pipelines have been blocked to cause disruption to people. There have also been a few attempts to poison water sources.
With the current geopolitical crisis and specifically the war in Ukraine, nation-state hacking against OT environments is also on the rise.
In 2022, state-sponsored cyberattacks targeting users in NATO countries increased by 300% compared to 2020, according to Google data. Russia has also targeted Ukrainian infrastructure, including banking, power grids, and internet facilities, while Ukraine set up its own IT army to attack crucial Russian websites through distributed denial-of-service attacks.
The challenge, as mentioned, is that OT environments are increasingly connected, with more network-connected sensors and devices that can become threat vectors open to exploitation.
Protecting the OT environment
The first step, according to Sreekumar, is accurately understanding what you have that needs to be protected.
He says: “Once you have a view of the assets that are existing in your OT infrastructure, then you’ll be able to at least determine the vulnerabilities present in them. And then you look at remediating these vulnerabilities and finally review the architecture of the entire OT network on how it’s connected, segmented for effective isolation to control attack surface.
“There are tools and solutions out there that can facilitate identification of assets, regularly scan them for vulnerabilities and remediate. Additional exercises to evaluate the robustness include regular penetration testing to identify vulnerabilities in OT environments.”
The role of HCLTech
Helping protect clients' industrial environments and critical infrastructure is a priority for HCLTech.
Supporting organizations in this ongoing battle, “we’ve developed a 360-degree OT framework, which has been built on the experience we've gained protecting OT infrastructure over the years with customers,” says Sreekumar.
He adds: “We can go and assess the current state of the customer, understand the gaps in the infrastructure and monitor threats on a continual basis using operational monitoring tools. We also help make them more secure by advising and working with them on transforming their OT environment using our industry experience.
“There might be instances where an organization has a flat network, which is risky in an OT environment, and needs segmentation to split the network into multiple different zones to reduce and limit exposure in case of an attack.
“We have an entire full suite portfolio of services, starting from assessment to the creation of a roadmap, which supports the transformation of the OT environment by implementing continuous improvements, while monitoring the operations of these critical infrastructures on a 24x7 basis.”