Tag Archive for: operational

New revised guide to operational technology (OT) security published



The impact of cybersecurity breaches on infrastructure control system owners/operators is more significant and visible than ever before. Whether you work for an infrastructure owner/operator or are a consumer of an infrastructure service, the events of the past few months/years have made it clear that cybersecurity is a critical factor in ensuring the safe and reliable delivery of goods and services. For infrastructure control system owners/operators, it can be challenging to address the range of cybersecurity threats, vulnerabilities, and risks that can negatively impact their operations, especially with limited resources.

Operational Technology (OT) encompasses a broad range of programmable systems and devices that interact with the physical environment (or manage devices that interact with the physical environment). These systems and devices detect or cause a direct change through the monitoring and/or control of devices, processes, and events. Examples include industrial control systems (ICS), building automation systems, transportation systems, physical access control systems, physical environment monitoring systems, and physical environment measurement systems. OT can be found in all critical infrastructures.

To assist OT system owners/operators, NIST has published Special Publication (SP) 800-82r3 (Revision 3), Guide to Operational Technology (OT) Security, which provides guidance on how to improve the security of OT systems while addressing their unique performance, reliability, and safety requirements. SP 800-82r3 provides an overview of OT and typical system topologies, identifies typical threats to organizational mission and business functions supported by OT, describes typical vulnerabilities in OT, and provides recommended security safeguards and countermeasures to manage the associated risks.

SP 800-82 has been downloaded more than 3 million times since its initial release in 2006, and this is the third revision of NIST SP 800-82, with…

Source…

Cyber security systems can enhance routine operational safety


Advanced cyber security solutions that protect onboard operational technology can go beyond protection and actually enhance a ship’s safety systems, argues Julian Clark from Ince.

It no longer takes a nation state to bring down a company; it can be done easily enough by a teenager with an internet connection. Coding software is increasingly efficient and accessible, and as in the 2008 recession, people with coding skills are turning to hacking for income.

The threat level and sophistication of hackers increase every day, and according to a Naval Dome report, the number of cyber-attacks has increased by 400% since February 2020. The number of attacks on operational technology (OT) has increased by 900% in recent years.

OT monitors events, processes and devices. This creates an opportunity for a hacker to “take active control” over vital processes with potentially life-threatening consequences. See, for example, the Colonial Pipeline and Florida Water Treatment Plant attacks. Such attacks underline the need to combine essential cyber security with increased vessel safety as a matter of routine management, not just to prevent or mitigate an attack.

OT cyber security technology monitors the values displayed on a ship’s safety systems and the vessel equipment itself. It then automatically identifies anomalies in these values caused by an intentional cyber-attack, but the system can also highlight discrepancies caused by equipment, computer or user error. If safety system or equipment values do not align with expected trends, or there are inconsistencies between data feeds supposedly conveying the same information, the cyber security software can alert crew or automatically restore devices to the proper configuration if required.

Safety systems themselves are also highly vulnerable to cyber-attack. In this instance, cyber security solutions can act as the ‘safety system for the safety system’. For example, a cyber-attack could result in the incorrect ballast tank fluid level being shown by the safety system. This would lead to dangerous instability when loading or unloading cargo. An advanced OT cyber security system would mitigate this risk by…

Source…

Six spectacular operational security failures



Every day, most of us leave trails of online breadcrumbs behind us, disconnected pieces of data that a determined sleuth could connect to learn about our activities and perhaps break through our veil of anonymity. The struggle to prevent attackers from putting these puzzle pieces together is known as operational security (opsec).

Most of us don’t think too much about all this: nobody’s trying to track us down, and if they did, the consequences wouldn’t be too worrisome. But there are those for whom the stakes are much higher. Would it be so bad if someone recognised the handles of your anonymous social media accounts as the name of one of your big work projects or the subject of your senior thesis? It might be if you were the director of the FBI. Does it matter if the selfies you upload to social media have location data embedded in them, or if your fitness tracker sends anonymised data about your jogging route to its manufacturer? It might if you’re a soldier on a secret military base or in a country where your government swears it hasn’t sent any troops.

Hackers and cybercriminals—of both the freelance and state-sponsored variety—are generally quick to exploit any failures in opsec made by potential victims. That’s why it’s perhaps surprising that these malicious actors often themselves fail to cover their online tracks, whether due to arrogance, incompetence, or some combination of the two. You can view these incidents as morality plays in which the bad guys get their comeuppance, but maybe it’s better to think about them as cautionary tales: you might not be spying for the Chinese government or running an online drug market, but you could fall into the same mistakes that these cybercriminals did, to your peril.

All roads lead back to Dread Pirate Roberts

For a few years in the early 2010s, the Silk Road was a source of fascination and frustration for computer security researchers and law enforcement alike. An underground marketplace where users could trade cryptocurrency for…

Source…

Opsec examples: 6 spectacular operational security failures


Every day, most of us leave trails of online breadcrumbs behind us, disconnected pieces of data that a determined sleuth could connect to learn about our activities and perhaps break through our veil of anonymity. The struggle to prevent attackers from putting these puzzle pieces together is known as operational security (opsec).

Most of us don’t think too much about all this: nobody’s trying to track us down, and if they did, the consequences wouldn’t be too worrisome. But there are those for whom the stakes are much higher. Would it be so bad if someone recognized the handles of your anonymous social media accounts as the name of one of your big work projects or the subject of your senior thesis? It might be if you were the director of the FBI. Does it matter if the selfies you upload to social media have location data embedded in them, or if your fitness tracker sends anonymized data about your jogging route to its manufacturer? It might if you’re a soldier on a secret military base or in a country where your government swears it hasn’t sent any troops.

Hackers and cybercriminals—of both the freelance and state-sponsored variety—are generally quick to exploit any failures in opsec made by potential victims. That’s why it’s perhaps surprising that these malicious actors often themselves fail to cover their online tracks, whether due to arrogance, incompetence, or some combination of the two. You can view these incidents as morality plays in which the bad guys get their comeuppance, but maybe it’s better to think about them as cautionary tales: you might not be spying for the Chinese government or running an online drug market, but you could fall into the same mistakes that these cybercriminals did, to your peril.

All roads lead back to Dread Pirate Roberts

For a few years in the early 2010s, the Silk Road was a source of fascination and frustration for computer security researchers and law enforcement alike. An underground marketplace where users could trade cryptocurrency for drugs, weapons, and other illegal goods and services, it brought the idea of the “dark web,” along with knowledge about Tor and bitcoin, into the consciousness of regular people….

Source…