DCS; Industrial control system
Product
Article
NameDescriptionContent
English 简体中文
NEW CENTER
Current Location:
Home >> journalism >> While Cyberattacks Are Inevitable, Resilience Is Vital

While Cyberattacks Are Inevitable, Resilience Is Vital

From:automation | Author:H | Time :2024-11-28 | 85 Browse: | Share:



This process can introduce a pragmatic, trust-but-verify (peer review and CER) culture into the OT cybersecurity solution development, explained Gunter. Industrial OT cybersecurity maturity will benefit from interactions with other professionals, consultants and service providers to validate technology, trends, skills, work processes and approaches,” he added.

Over the past 15 years, OT defenses have gotten better and stronger, but there needs to be a constant state of vigilance. “Increased focus on OT assets has improved overall cybersecurity,” Carrigan said. “Industry and regulatory bodies realize OT systems are essential to delivering critical services and products and have increased investments to secure these assets.

In general, Carrigan added, “investments in segmentation, threat detection and remediation, asset management, and basic hygiene have improved our security posture. That said, while we have improved our ability to prevent and detect events, there needs to be more investment to respond and recover.”


OT protection fundamentals

In the spirit of applying fundamental cybersecurity practices for OT, Chowdhury offered a range of practical suggestions.
 

Network segmentation: Network segmentation protects OT assets effectively. Existing technologies support VLANs to carve out the network, or modern firewalls create zones to separate OT equipment. During a cyber breach, segmentation prevents attackers from accessing other parts of the network, confining them to a specific zone. This confinement facilitates quicker detection and response. Situational awareness in OT networks is simpler compared to corporate IT environments because OT networks are predictable. Attackers on a segmented network trigger multiple alarms when they attempt to access different networks or unusual ports.

Importance of backups: Maintaining backups is essential because every environment experiences downtime. This downtime may result from cyberattacks, human error, or environmental issues. Organizations must ensure they have the latest backups to restore configuration files for OT equipment such as remote terminal units (RTUs), programmable logic controllers (PLCs), computer numerical control (CNC) machines and laser cutters. The effort to maintain backups is minimal, but the rewards are significant. Having up-to-date backups allows OT systems to quickly resume their critical functions after a disruption.

Asset inventory or comprehensive OT configuration management database (CMDB): Quite a few large companies lack a comprehensive understanding of their OT environment. They do not know all the different equipment or their network connections. It is crucial to document all OT equipment, whether connected to the network or air-gapped. At a minimum, collect data on the model, make, industrial purpose, technical point of contact, network connectivity, engineering workstation connections and human-machine interface (HMI) connections. This data is crucial for understanding the environment and establishing an incident response program. Depending on the CMDB tool used, it can also serve as the central repository for backups.

Implement a security framework: Establishing a cybersecurity program is straightforward with multiple available frameworks. These frameworks help organizations understand what they need to implement for better cybersecurity posture and maturity. The NIST Cybersecurity Framework, for example, is industry-agnostic and allows organizations to map out their cybersecurity program against recommended guidelines. Evaluating an organization against a suitable framework helps identify gaps in the cybersecurity program. The cost is minimal, requiring resources to communicate across the organization to understand the current posture. In addition, the ISA/IEC 62443 series of standards is also a useful tool to help manufacturers and asset owners start and then continue to grow their security programs.

Maintain basic hygiene: Regular software updates, patch management and strong password policies are fundamental. Ensuring these basic hygiene practices are in place can prevent a significant number of attacks.

Secure remote access: During COVID-19, remote access to OT environments surged. Organizations realized cost savings by having vendors remotely troubleshoot and monitor equipment for efficiency and warranty support. However, in the rush to quickly ensure remote access at the time, security professionals delayed implementing precautions until later—and quite a few organizations suffered the consequences. What the industry learned is secure remote access is more important now than it has ever been. Network segmentation helps implement secure remote access programs. With network segmentation, companies can restrict vendors to specific assets and prevent remote access OT devices from interacting with other parts of the network.


Beyond the basics

While applying basic OT cybersecurity practices can alleviate the majority of attacks, Chowdhury said that there are also new technologies that can help address sophisticated cyberattacks. “Implementing fundamental actions 

  • Bently Nevada 2300/20-RU 2300/20-CN Monitoring controller
  • A-B 4100-234-R IMC™ S Class Compact Motion Controllers
  • B&R Power Panel 300/400
  • ADLINK cPCI-3840 Processor module
  • ACQUISITIONLOGICAL81G -2
  • HIMA K1412B PLC Module
  • HIMA K9202B PLC Module
  • IS200VTCCH1CBD GE Speedtronic Turbine Control PCB board
  • TRICONEX 4200 Digital Output Module
  • DEIF SCM-1 PCB CARD Module
  • HIMA F3DIO20802 controller plc F3DIO20802
  • HIMA B5233 PLC Module
  • HIMA B5322 PLC Module
  • HIMA F7105A PLC Module
  • HIMA F7150 PLC Module
  • HIMA Z7308 PLC Module
  • HIMA F60 PS01
  • TRICONEX 4409 PLC Module
  • F8651X HIMA Central module F8651X
  • F3236 DIGITAL INPUT MODULE
  • HIMA-6E-B HIMA-6E-B Large System Controller
  • F8627X HIMA communication module F8627X
  • HIMA P8403 PLC Module
  • F8628X HIMA F8628X communication module
  • F8621A HIMA communication module
  • IS200VRTDH1D GE Mark VI Printed Circuit Board
  • ABB NIACO2 PLC Module
  • ABB NIAMO1 PLC Module
  • HIMAcard F8650X
  • HIMA F8652 98465266 PLC Module
  • F8652X HIMA Central module
  • HIMA 62100
  • HIMA 99-7105233 B5233-1 NSMP
  • ABBSPAD 346 C3-AA
  • ABBREF543KM127BABB
  • ABB 0-63007 M003742626
  • Abb FET3251A0P1B3C0H2M
  • ABB 3HAB8800-1
  • ABB 3AUA266001B166
  • ABB3HNM07686-1
  • ABB PQF4-3 TAS
  • ABBAC500 DI581-SB1
  • Honeywell 30735863-502 - SWITCH
  • Honeywell TK-CCR014 - REDUNDANT NET INTERFACE NEW ORIGINAL FREE EXPEDITED SHIPPING/
  • Honeywell 51403165-400 - new 51403165400/
  • Honeywell318-049-001 quot100 Batteries(Japan Liion2Ah14.8Wh)INTERMEC/ PR2,PR3 P/N
  • Honeywell FC-PSU-UNI2450U - Power Supply
  • Honeywell 965-0676-010 - WARNING COMPUTER SV
  • Honeywell 51403519-160 - Module
  • Honeywell 107843 - HOUSING CARBON FILE P/N NE COND # 11438 (4)
  • Honeywell VR434VA5009-1000 - Brand new in box Condensing boiler valve DHL fast shipping
  • Honeywell SPXCDALMFX - plc new FREE EXPEDITED SHIPPING/
  • Honeywell BCM-PWS - BCM-ETH BCM-MS/TP BCM-MS/TP Network controller setFedEx or DHL
  • Honeywell YSTR12D-22/C/-2J0DFA/BE/400/T/-CM.HO.TG.SB.SM,ZS,F1,LP,/FX/,1C-BT - UNMP
  • Honeywell IWS-1603-HW - 90-250VAC 1.0A UNMP
  • Honeywell 51304386-150 - MEASUREX Factory Packed
  • Honeywell CC-IP0101 - Profibus Gateway Module
  • Honeywell CC-PFB401 - / CCPFB401 (NEW IN BOX)
  • Honeywell 50071726 - St 800 Series Pressure Transmitter Remote Diaphragm 11-42VDC
  • Honeywell 621-2150 - / 6212150 (NEW NO BOX)
  • Honeywell 80360206-001 - USED YAMATAKE CLI BOARD
  • Honeywell BMDX001A-001 - ACCURAY / BOARD BMDX001A001
  • Honeywell XCL8010A - New CPU Controller.
  • Honeywell PGM-7320 - 1PCS NEW Rae Systems MiniRAE 3000 Portable VOC Monitor#XR
  • Honeywell BK-G40 - U65 *FULL INSTALLATION* Gas Meter 3?± Inlet/Outlet Spool NEW UNUSED
  • Honeywell DM106-0-B-00-0-R-1-00000-000-E0 - DPR100 250V NSNP
  • Honeywell KFD840 - PRIMARY FLIGHT DISPLAY CORE PN: 066-01206-0104
  • Honeywell 51401914-100 - 51400996-100
  • Honeywell TK-PRS021 - Module Via FEDEX/DHL
  • Honeywell C7012A1145 - 1PC New UV Flame Detector Expedited Shipping
  • Honeywell OV210 - Baxter Bakery Oven Igition Control. For DRO. 00-616973 NEW
  • Honeywell 51304431-125 - 1PC New /51304431125 1 year warranty#XR
  • Honeywell QPP-0002 - Quad Processor Module / 5 Vdc / Massima 1.2A/24Vdc/max.25mA
  • Honeywell QPP-0002 - Quad Processor Module / 5Vdc / Max. 1.2A/24Vdc/max.25mA
  • Honeywell 8C-PCNT02 - 514543363-275 module
  • Honeywell DPCB21010002 - Tata Printed Circuit Board
  • Honeywell DPCB21010002 - Tata Printed Circuit Board Rev: 0
  • Honeywell 001649-M5T028 - Tata Printed Circuit Board Rev: 0
  • Honeywell YSTD924-(J2A)-00000-FF,W3,TP,TG,SS - NSFS
  • Honeywell XF523-A - / XF523A (NEW IN BOX)
  • Honeywell TK-PRS021 - NEW IN STOCK ship by UPS
  • Honeywell 2MLR-AC22 - " 2mlr-dbsf,2mlf-ad4s,2mlf-dc4s,2mlr-ac22 Rack"
  • Honeywell 9436610 - MEASUREX NSMP
  • Honeywell RT10A-L0N-18C12S0E - RT10A.WLAN.IN.6803.CAM.STD.GMS
  • Honeywell 51305896-200 - P:C1 Rev D Nim Modem - FAST SHIP BY Fedex
  • Honeywell TK-FTEB01 - PCL module Brand New Fast Shipping By DHL
  • Honeywell 8694500 - Measurex Control Processor Module
  • Honeywell DR4500 - Truline and DR4300 Circular Chart Recorder
  • Honeywell EC-7850-A-1122 - / EC7850A1122 (NEW IN BOX)
  • Honeywell XNX-UTAI-RNNNN - NEW Universal transmitter DHL Fast delivery
  • Honeywell SPXCDALMFX - plc new One Year Warranty #
  • Honeywell TC-RPFM01 - C200 system card brand new Fast Shipping
  • Honeywell 51196655-100 - NSMP
  • Honeywell XCL8010A - / XCL8010A (USED TESTED CLEANED)
  • Honeywell 51198801-100 - NEW CPU INTERFACE BOARD UPGRADE KIT UPIU 51306154-100
  • Honeywell 84795 - Sputtering Target 5N Al5Cu 7830x11640x13050
  • Honeywell W7704A-1004 - / W7704A1004 (USED TESTED CLEANED)
  • Honeywell RA890G1229 - FOR FSG UV Protectorelay /PL3
  • Honeywell KFS-599B - 071-01576-0101 UHF Communication Control with Mods (28V)
  • Honeywell WPC2000 - WINTRISS 9683001 WINTRISS CLUTCH/BRAKE CONTROL *NO KEYS*
  • Honeywell C7012E1112 - 1PC C7012E 1112 Burner Detector New In Box Expedited Ship #
  • Honeywell 8C-TCNTA1 - C300 system card brand new Fast Shipping
  • Honeywell ANT67A - TCAS Antenna 071-01548-0100 w/ October 2023 Repaired 8130
  • Honeywell CC-PDIS01 - PLC Module Brand New Fast Shipping FedEx or DHL
  • Honeywell R7247C1001 - 2-4SECS NSMP
  • Honeywell ALI-80A - Collins Encoding Altimeter - P/N 622-3975-011 - Tested 8130 -Serviceable
  • Honeywell 001650-M5T028 - Tata Relay Circuit Board
  • Honeywell 51196886-100 - PC BOARDS (126201 - NEW)
  • Honeywell J-HAM10 - NSNP
  • Honeywell TC-IXL062 - 1PCS module New fedex or DHL
  • Honeywell 114M4910-6 - PISTON ASSY PN NS COND 12037
  • Honeywell C7076 - 191002B Sensor Amplifier 220/240v
  • Honeywell 510STR12D21A-B77P - NSNP
  • Honeywell 51304511-200 - Module Nim Modem Via FEDEX/DHL
  • Honeywell IC-600 - Integrated Communication Unit RCZ851E 7510700-806 Removed Working
  • Honeywell TC-IAH161 - 1PC NEW REDUNDANT NET INTERFACE one year warranty#XR
  • Honeywell 2001-100-150-126-280-20-100000 - REMAN
  • Honeywell QPP-0001 - FSC QUAD PROCESSOR PACK QPP MODULE CC V1.4
  • Honeywell 30734558-001 - / 30734558001 (USED TESTED CLEANED)
  • Honeywell STD830-E1HS4AS-1-A-ADB-11C-B-21A0-00-0000 - 4500PSI NSNP
  • Honeywell 900C75-0560 - NEW HC900 Controller module FedEx DHL Fast delivery
  • Honeywell BL870 - Bezel 7014331-921 w/ October 2018 Repaired 8130
  • Honeywell STG77L-E1G000-1-A-CDC-11S-A-20A0-00-0000 - NSMP
  • Honeywell FF-SB14E12K-S2 - / FFSB14E12KS2 (USED TESTED CLEANED)
  • Honeywell 51198685-100 - "Rev. A, 140519-2-LF Power Supply Module 10A 100-240 VAC"
  • Honeywell 942-M96-M - plc new FREE EXPEDITED SHIPPING
  • Honeywell TK-IAH161 - 1PC New ANALOG INPUT TKIAH161 Expedited Shipping
  • Honeywell C7061F2001 - 1PC UV Flame Detector New In Box #