June 12th The WannaCry and ExPetr ransomware attacks that engulfed the world in 2017 caused public and public utilities, manufacturers, telecommunications companies, and public transportation systems in the United States and Europe to be hit hard. This made cybersecurity experts and cybercriminals fully aware that Operational technology (OT) systems are more vulnerable to attacks than information technology (IT) systems. Industrial network security technology provider Indegy chief technology officer Miller Gandelsman authored an analysis of cyber threats facing industrial systems and made recommendations for prevention. Diversification of industrial threats The biggest threat to the industrial system in 2018 was a ransomware attack. Cyber ​​attackers often encrypt key data and demand ransom. While ransomware attacks are not the only cyber risks faced by industrial control systems, terrorist organizations, national and industrial espionage all attempt to penetrate operational technology (OT) systems through various types of attacks in an attempt to profit from data, steal intellectual property (such as manufacturing blueprints or Formula), launching a denial of service, or destroying a factory. In manufacturing and industrial environments, the impact of events such as cyber attacks or accidental outages is worrying. For example, if a system integrator uses an outdated, inaccurate, hard copy asset spreadsheet to make a pre-planned change on the wrong programmable logic controller (PLC), it will cause the large automaker's production line to close more than 24 hours . Whether it is an unexpected failure of the system or an intentional attack by a malicious attacker, it is enough to cause the management of the manufacturing industry to attach great importance to and carefully consider when making choices so as to protect the operation of the system from accidental or unauthorized changes. OT Security Challenges The network security work in the field of operational technology (OT) lags far behind that of information technology (IT). Although companies are trying to catch up, they still face many challenges. The biggest challenge is that companies do not fully understand all the ICS assets that they need to protect. Without automated asset management software providing continuous updates, the company's existing asset library may become obsolete. Another challenge is that ICS devices do not necessarily have security features. Many PLCs, RTUs, HMIs, engineering workstations, OPC servers, etc. are not designed with security in mind. In addition, the designers of these devices did not envisage their inclusion in the Internet of Things at the time of planning and design. This also stems from the fact that no one predicted that IT-OT convergence will eventually occur in the last few years. Therefore, companies should eliminate the traditional concept of “isolation†and recognize the seriousness of security breaches and the unprecedented challenges that vulnerabilities bring to the OT environment. Another thorny challenge is that suspended operations in industrial systems are expensive and cannot be resolved by stopping production or updating firmware or fixing bugs. The maintenance of OT equipment must be planned in advance. It may take several months for the system to go offline to update it and improve the security of the equipment. At the same time, companies must maintain the status quo or reduce risk through alternative solutions. In summary, it is particularly important to fill the ICS cybersecurity gap. To this end, the National Institute of Standards and Technology (NIST) released the Framework for the Improvement of Critical Infrastructure Cyber ​​Security, which provides guidance for the protection of industrial control systems and their environment. How to evaluate industrial network security solutions? In order to solve the problem of security visibility and control blind spots in the operating technology (OT) environment of manufacturing companies, the technology built for this purpose is sprouting. When evaluating industrial network security solutions, companies can consider the following important features: Automated asset discovery and management: Effective ICS security policies require organizations to know exactly what assets, configurations, and related activities they own. This requires the use of automated asset discovery capabilities to gain situational awareness, fully understand assets, and simplify ongoing asset management processes. This feature includes the discovery and reporting of idle assets, the continuous updating of asset details, and the tracking of all changes through a large amount of information for backup and recovery. Monitor network activity and detect anomalies/threats: Use security policies to monitor internal and external device communications and protocols in industrial networks to detect security threats and anomalies. Validate Controller Integrity: Detection of controller changes, such as configuration changes, code changes, and firmware downloads, over the network or physically connected to the device is critical to preventing failures, interruptions, and/or physical damage. Assess vulnerabilities and manage risk: This involves performing routine vulnerability assessments on all control devices to identify missing patches and incorrect configurations, and to provide a risk score for each device to fix the part that has a security risk. Detect and respond to incidents: Generates real-time alerts for suspicious activity and threats detected in the ICS network, including a comprehensive audit trail of all ICS activities, and retains controller history information for backup and recovery support. Organizations should integrate these capabilities with the IT security technologies they use, such as security information and event management (SIEM) software. Industrial cybersecurity threats are no longer just "on paper," nor are they alarmist. Factory owners and operators should deploy the right technology and fully understand and manage the operational technology (OT) environment to ensure the safety of processes, equipment, and personnel. Onlyrelx recharge and refill vape pod disposable vape pen is portable and fashion disposable electronic cigarette, disposable ecigs pen are trending featured vape pen for vapors as it's safety and easy to use. Disposable vape pod,disposable vape, wholesale vape,vape wholesale,vape pen manufacturer and supplier.disposable vape pen,disposable electronic cigarette,disposable ecigs pen,disposable ecigs stick,disposable e-cigs pen,disposable vape factory,disposable vape pod,disposable vape device,vape pen,vape stick, vape wholesale,wholesale vape,customized dispsoable vape pen,customized vape pen,OEM&ODM disposable ecigs pen,disposable electronic cigarette wholesale, wholesale disposable electronic cigarette,distribute vape pen,vape pen distribute,high quality vape pen,high quality vape pod,rechargeable disposable vape pen,refillable vape pen,refilling electronic cigarette,rechargeable disposable electronic cigarette,refillable vape pod,disposable refillable ecigs,disposable refilling e-cigs pen,refillable e-cigs pen rechargeable disposable vape pen,refillable vape pen,refilling electronic cigarette,rechargeable disposable electronic cigarette,refillable vape pod Shenzhen Onlyrelx Technology Co.,Ltd , https://www.onlyrelxtech.com
