#175 Zero Trust with Operational Technology
In this episode Darren interviews the CEO of Founder of Veridify Louis Parks. They discuss the unique problems with Operational technology networks that control critical infrastructure, due to legacy complexity, accessibility vulnerabilities, and lack of visibility.
Introduction
Operational technology (OT) networks power our critical infrastructure like energy, transportation, and manufacturing systems. These OT networks were designed for safety and reliability without much thought about cybersecurity. However, with increased connectivity, OT networks face growing threats that could have major impacts on our physical world. This article discusses some of the unique challenges and solutions for securing OT environments.
Legacy Complexity
OT networks accumulate technologies over decades of operations, leading to complex environments with older unsupported devices and proprietary protocols. Trying to retrofit security is difficult without impacting critical functions. Solutions focus on non-intrusive monitoring of network traffic and encrypting data streams while maintaining existing systems. The priority is keeping systems running safely rather than taking systems offline to investigate threats.
In addition, OT networks often have a mix of legacy devices using older proprietary protocols that predate common IT technologies like TCP/IP networking. Securing these heterogeneous environments requires protecting both modern IP-connected devices as well as older technology using obscure protocols. Emerging solutions aim to encrypt network traffic at the packet level, creating encrypted tunnels even over non-IP networks to block tampering.
Physical Access Vulnerabilities
Many OT devices are distributed in publicly accessible areas like smart city infrastructure or manufacturing plants. This makes them vulnerable to physical tampering by malicious actors trying to access networks. Solutions aim to encrypt network traffic from end to end, blocking man-in-the-middle attacks even if someone gains physical access to infrastructure.
Demonstrating these physical access threats, solutions show how devices secretly plugged into infrastructure switches are unable to control other devices or decrypt meaningful data from the network when encryption is enabled. This foils common attacks by insiders with physical access trying to spy on or disrupt operations.
Lack of Visibility
OT networks often lack visibility into assets, vulnerabilities, and threats compared to IT environments. Simply gaining an accurate asset inventory and monitoring network activity can improve security postures. Emerging solutions apply IT security best practices like zero trust segmentation to OT environments through centralized policy management rather than trying to secure each individual asset.
In addition to lack of visibility, OT networks transmit data without protections common in IT environments like encryption. Unencrypted plain text protocols allow anyone with network access to spy on sensitive operational data. New solutions not only selectively encrypt sensitive data streams but also establish secure tunnels between authorized devices rather than openly transmitting data.
Conclusion
Securing OT environments raises unique challenges but solutions are emerging to balance improved cybersecurity with operational reliability. Non-intrusive monitoring, data encryption, and centralized policy enforcement allow incremental hardening of OT networks against escalating threats. There is still a long way to go but progress is being made.