As organisations expand their digital footprint, it becomes imperative to protect the security, safety & reliability, availability and integrity of their systems. Cybersecurity threats must be taken seriously and met proactively with a system-wide defensive approach aligned to the organisational needs. It is of utmost importance to understand that every component that you introduce into your infrastructure could be an entry point for an attacker, thereby making you vulnerable to a cyberattack. With the appropriate security measures and the right supply chain strategy you can ensure the resilience of your infrastructure.

Discover how Eaton can help you secure your business continuity. 

Why would cybercriminals attack your facility?

 

There are several objectives a hacker may have for attacking your business. There are hackers who spy on your business and could potentially have access to, or steal, sensitive data. Data - whether they are personal or business data - are valuable and hackers can gain money by selling them to third parties. In most cases, OT systems act as an easy entry point for attackers, enabling them to hack into your IT infrastructure as a next step. There are  examples of attackers who stole credentials and gained remote access to company networks that enabled them to install malware in the IT systems and to siphon data. But it is not only data that gain a cybercriminals interest. When it comes to operation technology, a breach in the cybersecurity chain gives hackers the possibility to create fear and chaos by taking over control of your OT systems. Such a breach results in the compromise of the safety and reliability of your infrastructure. 

• Manipulation of view/control – Manipulation of control is one of most important objectives of a cyberattack; it can have severe impacts if command & control is compromised, as this can be manipulated to bypass safety checks, thereby potentially leading to accidents. Manipulation of view is done to hide activities or to force an operator to take actions which may disrupt operations.
• Loss of view/control – Loss of control is an important objective for an adversary who is trying to disrupt your operations. It will prevent operators from taking actions to ensure safe operations, thereby putting lives at risk. Temporary or permanent loss of view blocks alarms, warnings and other indications of malicious activities being carried out within the current operations.
• Establish remote access/exfiltration point – Establishing a persistent backdoor into a control network comes with multiple rewards, such as data exfiltration or remote control of OT networks. Data exfiltration is done either to steal confidential process-related data or intellectual property in order to learn about a network for further advancement of an attack. 
• Malware/ransomware – Delivering malware into the OT network or into enterprise IT systems by pivoting via weak OT controls is a commonly observed objective in attacks. Ransomware encrypts a victim's files and then demands a ransom from the victim to restore access to the data/IT asset. The higher the value of the assets under siege, the higher the ransom. OT systems are one of the most valued assets in any industry, which is why they are always on the radar of your adversaries.

There are multiple entry points - together called the attack surface -  for cybercriminals to gain access to your business where they can interact with the system (input, output, manipulate control, elevate privilege, etc.). From an IT perspective, it is well known that hackers try to breach system via email and the internet, for example. But with the Internet of Things, connectivity is added to your electrical power system, your HVAC system, your machines, your fire detection system, your emergency lighting escape routing, and so on. All of these electrical systems are potential targets for cybercriminals. Imagine the fear and chaos the loss of control and disconnection of systems and/or disruption of your processes would mean for your company, employees and clients.

An effective cybersecurity strategy for a facility’s operational technology requires a comprehensive strategy that covers people, processes and technology. 

People

People are the weakest link in the chain when it comes to security. Skilled attackers abuse the element of trust and make their way into systems via social engineering. Be aware of social engineers - hackers that enter your business through human interactions (e.g. with your employees). Defending your organisation by training your people, vendors and internal stakeholders is the first line of defence. Ensure that you select trustworthy suppliers who understand the importance of cybersecurity and have a robust cybersecurity programme.

Process

Ensure your processes consider the cybersecurity health of all the components in your infrastructure, ith clearly roles and responsibilities. Ensure you have a robust vulnerability management plan, incident response plan and a dependable disaster recovery plan. 

Technology

Select products, systems and solutions that are designed with cybersecurity in mind, meet industry standards through their full life-cycle and are regularly assessed for potential vulnerabilities so that any security loopholes that emerge are patched on a regular basis. Its also imperative that your facility’s OT network and assets are periodically assessed for cybersecurity.

Discover how Eaton is doing all in its power to not be the weakest link in your systems.