The importance of IT-security has been acknowledged by experts for years whereas securing industrial control systems seems to have been overlooked. Whilst attacks on operational technology (OT) environments are becoming more frequent, companies are looking for ways to eliminate network vulnerabilities and bridge the gap between OT and IT.
Procentec has sparked widespread interest in the industry with the release of new solutions to strengthen industrial network security.
Spotting Both External and Internal Threats
Although the focus is often on external attacks (malware, phishing and hackers), internal threats can be just as damaging and are more likely to occur. Whether it’s a mistake due to inexperience with a task or protocol, or with the intention to inflict damage, these threats can lead to costly downtime.
Keeping track of modifications to physical assets is more important than ever. But if an industrial network’s security doesn’t extend much beyond a firewall, the devices on that network are vulnerable. A firewall won’t protect a network from people who know how to go around it. Even if a network is air gapped, you can’t safeguard it against authorised individuals who make an error.
The Security License product tackles the everyday threat posed by unintentional and bad actors. It permanently monitors any planned or unplanned changes to a user’s devices, giving an industrial network an extra layer of protection.
Some of its key features include Quiet Hours and Maintenance Mode. Quiet Hours will tell the user if there is any communication on the network when there shouldn’t be any (e.g. during events, night-time, weekends, holidays, etc.). Maintenance Mode allows the user to make changes on their network without getting a security alert.
In addition to this, there are multiple inspections included to tackle the most often overlooked security vulnerabilities. The port scan, SNMP write access scan, device password scan and communication baseline scan make sure all the entries to a network are secured.
Maintaining Data Integrity from Source to Device
Updating software in a decentralised OT environment can be a haphazard affair. But not knowing what has been installed can pose serious risks to a network. According to Honeywell’s latest “USB Threat Report”, the number of USB threats specifically targeting OT-systems has almost doubled from 16% to 28% in 2020. The risks are way bigger than just spreading malware: a USB-device can even be used to attack systems directly.
LockBox is designed to overcome the persistent problem of unverified and randomly downloaded software. This blockchain-based platform provides a centrally controlled catalogue of approved firmware, manual brochures, release notes and datasheets for individual network devices. It allows users to share the latest files safely with authorised users and stops the distribution of files via email, shared folders or USB sticks.
Jonathan Machin is with Procentec