As operational technology (OT) and information technology (IT) converge, new cyber threats have emerged that threaten digital environments.
In a March survey of 500 global OT experts and leaders, we found that 93 percent of organizations experienced a security breach in the last year.
Of those, 78 percent received more than three threats.
Compared to 2021, we detected a 20 percent increase in unauthorized entries.
This simply reflects the lack of cybersecurity solutions and tools that many companies have to protect legacy Supervisory Control and Data Acquisition (SCADA) and Industrial Control System (ICS) devices found in OT environments.
Additionally, issues often relate to limited and incompatible security controls and the complexity of building an infrastructure that covers both technologies.
Faced with this reality, OT systems become more vulnerable to the types of intrusions we typically see in IT, such as EKANS ransomware, Stuxnet threats, attacks that can move horizontally between both networks, or zero-day intrusions that cannot be patched.
And while adopting a cybersecurity strategy can be difficult, putting it into practice is not impossible.
it is better to avoid
Organizations must consider all scenarios to prevent their production from being disrupted by a cyberattack and comply with regulations to minimize penalties for non-compliance.
However, we often find that they implement solutions based on IT, not OT, such as unsupported antivirus software or a firewall that cannot decode OT communications (OPC, BACnet and Modbus).
For this reason, one of the tools companies can use is deception technology, which in English is known as deception technology.
It offers three benefits that are undoubtedly necessary: active defense security, wide coverage and automated protection.
While targeting threat actors, early deception detection and response features improve the current security posture, reducing business disruptions from internal and external threats.
Adding this defense tool is non-intrusive and adds no delay to OT operations before, during and after deployment.
It also easily integrates with third-party security solutions to provide automated threat response and threat hunting; thus increasing efficiency in SOC processes and allowing further scaling of SecOps.
How to face the challenge?
There are currently solutions like FortiDeceptor that implement traps and markers to automate the containment of cyberattacks before they cause serious damage, but the first step is to determine what level of protection you have and get started with the help of an expert.
Having a cybersecurity system and strategy optimized for operational technologies not only provides protection for the industrial environment, but is also a preventive measure against any threat.
Deception technology provides a false target, allowing internal teams to identify what type of attack was carried out, the techniques used by criminals, and strengthen protection measures.
If your company or your customers don’t have them yet, they may already be the target of cybercriminals.
Roberto Suzuki is Fortinet’s Senior Regional Manager of Operational Technology for Latin America and the Caribbean.