Cyber risks are becoming increasingly common, not just in IT networks but in OT environments too! Now more than ever, the risk of compromised OT devices and networks can have devastating effects on various critical operations.
MicroSec's innovations and deep domain expertise provides personalized solutions to tackle challenges within your industry. Let's look at how MicroSec helped resolve challenges faced by three industries — Energy and Utilities, Manufacturing and Smart Cities in recent years.
Energy and Utilities
Challenge: The regulatory environment is rapidly evolving. Understanding how to comply with AESCSF, SOCI Act, IEC 62443, or other standards can be exceedingly time-consuming, tedious, and prone to mistakes due to reliance on memory and outdated documents. Our customer did not want to deal with complex integrations or spend a lot of resources on extensive consultations, but they still wanted to ensure they were compliant.
Solution: We helped our customer take a non-invasive, automated and comprehensive approach, and as a result we were able to do an assessment in a matter of hours with greater accuracy. In addition, we provided a complete report outlining our findings, areas of noncompliance, other potential vulnerabilities, and an action plan to remedy those gaps.
Manufacturing
Challenge: Facility managers and OT managers are unaware of what is on their network at all times and are unable to see specific regions of their production or other operations down to sensors or other devices that are on-site or remotely located. Our customer was concerned that there could be potential vulnerabilities on their networks due to device tampering, negligence, or third-party access.
Solution: You can't detect what you can't see. So being able to view both IP and non-IP networks, below level 2 and down to level 0 is key. Manufacturing sites manage a series of systems and sub-systems, often combining production processes with facility systems, which eventually connect to their enterprise and corporate systems.
We helped our customer gain complete visibility across their entire network, instantly identifying known and unknown devices, automatically mapping against a Purdue model, and segmenting based on zones, conduits and sub-networks. And by taking both a passive and active scan approach, we were able to uncover vulnerabilities, anomalies with various threat levels, and CVEs.
Smart Cities
Challenge: In Smart Cities, buildings, road infrastructure, ports, public transportation, healthcare and more are connected together by many different types of IoT devices. Our customer, a major government agency, had deployed tens of thousands of different building devices which connected to multiple sites and sent data back to a central command center. Each one of these devices were remote, exposed and easy to access - all potential attack vectors.
Solution: Being able to respond to attacks in real-time is critical when it comes to public services. Our aim was to ensure there would be no disruption in service caused by device tampering, data manipulation or other malicious threats originating from the devices themselves or from their headquarters. However, added to this complexity was the various types of networks they operated including zigbee, z-wave, 4G/5G, IP, and ethernet.
Simply turning off a device or system is not always possible, so we automated how our customer responded to various attacks in real-time depending on the device type, attack type, threat level, and urgency. In the end, the customer could contain attacks at the device level, and prevent spreading to other devices, as well as back to the central command center, and vice versa.
The Bottom Line
As industrial enterprises, critical infrastructure and cities become smarter and move toward industry 4.0 and beyond, we will continue to see more and more of these types of threats because connectivity and cyber risk go hand-in-hand. The more connected we become, the more cyber risk we face.
If these look like some of the challenges you face currently or perhaps you are just getting started thinking about OT, we'd love to understand what's been on top of your mind and how you've approached your OT cybersecurity strategy. Reach out to us and let’s transform OT security!