• About us
  • Disclaimer
  • Privacy Policy
Friday, August 5, 2022
  • Login
  • Register
W-SE (Web - SEcurity)
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
    • All
    • gaming
    • Smart phone
    • smart tv
    • software
    Tips for Buying the Perfect Travel Sim Card

    Tips for Buying the Perfect Travel Sim Card

    How to Write Farewell and Appreciate Messages

    How to Write Farewell and Appreciate Messages?

    Software help business

    Reasons to Buy the Right Business Hardware

    How to Invest in NFT Art?

    Ideal Internet Speed for Online Gaming

    Ideal Internet Speed for Online Gaming

    AceThinker Online Video Editor and Pro

    AceThinker Online Video Editor and Pro

    Trending Tags

    • Web Security
    • Data Security
    • Network Security
    • Cybersecurity
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact
No Result
View All Result
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
    • All
    • gaming
    • Smart phone
    • smart tv
    • software
    Tips for Buying the Perfect Travel Sim Card

    Tips for Buying the Perfect Travel Sim Card

    How to Write Farewell and Appreciate Messages

    How to Write Farewell and Appreciate Messages?

    Software help business

    Reasons to Buy the Right Business Hardware

    How to Invest in NFT Art?

    Ideal Internet Speed for Online Gaming

    Ideal Internet Speed for Online Gaming

    AceThinker Online Video Editor and Pro

    AceThinker Online Video Editor and Pro

    Trending Tags

    • Web Security
    • Data Security
    • Network Security
    • Cybersecurity
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact
No Result
View All Result
W-SE (Web - SEcurity)
No Result
View All Result
Home Tech today

NSA and CISA Alert Highlights Urgency for OT Security

Melina Richardson by Melina Richardson
in Tech today
A A

We’ve seen ample evidence in recent years of how nation-states and other powerful adversaries can leverage cyberattacks on critical infrastructure as weapons in geopolitical conflicts. The attacks on  power grid and several other incidents showed a show of power and how to disrupt a country’s infrastructure. The indiscriminate use of destructive exploits in NotPetya (which caused widespread collateral damage to operational technology (OT) networks and stopped operations) revealed to security professionals how poor their OT networks’ cyber-risk posture is, and prompted swift action in many of the biggest companies.

For years now, the government has been publicly and explicitly warning that: “Since at least March 2016,  government cyber actors—hereinafter referred to as ‘threat actors’—have threatened government agencies and several vital U.S. infrastructure sectors, including the oil, nuclear, industrial, water, aviation, and vital manufacturing sectors.” The National Security Agency ( NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) couldn’t be any clearer: “We ‘re in a state of increased tensions and increased risk and exposure.”

Public agency warnings regarding past threats usually explain how the attacks are conducted, and provide particular industries with some practical measures to improve their risk management capability. This recent warning, however, is noteworthy for its sound, language, and content. Framed from a strategic perspective, it provides specific alerts of an imminent and severe threat to all 16 critical infrastructure sectors, and comprehensive, thorough collection of guidelines on how to secure OT environments, which together promote a holistic approach to risk reduction.

The timing of this spike in critical infrastructure attacks is not shocking, if you think like an intruder. National-state actors have typically targeted organizations to steal intellectual property and work in sectors like high-tech manufacturing, pharmaceuticals, agriculture, and health care. Now it is widely stated that nation-state actors suspected to be linked to China and Russia are planning attacks on organizations involved in COVID-19 vaccine research and development – a direct use of cyber resources to promote their geopolitical agendas.

The risks are extraordinarily high for many U.S. vital infrastructure agencies participating in such activities. Adversaries are highly motivated and are especially disturbed by these challenges. As progress is made, and we reach a vaccine, attacks are likely to escalate. And this is only one example of how to targete the other vital infrastructure industries. Hence the urgency expressed for the safety of vulnerable networks in the NSA and CISA warning.

How is the risk potentially so large on vital assets? The warning describes a perfect storm scenario, similar to what I mentioned earlier: a mixture of existing OT devices, many of which are internet-facing (something they’ve never been built for) and therefore extend the scope of the attack, and opportunistic adversaries with access to software that provide information on such assets and ways to manipulate them. The pervasiveness and seriousness of the situation, and the relative ease with which these attacks can be performed, demands immediate action to reduce exposure through OT networks and control systems. NSA and CISA are recommending the implementation of threat detection technologies, among an comprehensive list of detailed recommendations.

For years, we have been thinking about the need for asset visibility and threat management in OT environments, since one of the greatest obstacles in protecting these environments is zero telemetry, and thus no visibility in OT networks. One of the roadblocks is that organizations have been hampered by preconceived ideas of how to proceed based on established best practices in IT cybersecurity that prescribe an approach to “crawl, move, run” What’s more, many of the IT protection tools and solutions add needless complexity and, worse still, in OT environments are not successful. Obviously, we need to move straight to “go” based on the tone of the NSA and CISA warning and concentrate on what we can conduct immediately to mitigate the most harm. That is where surveillance of the threat comes in.

OT networks communicate and exchange much more information than IT components usually do – the software version they are running, firmware, serial numbers and more. OT network traffic provides all the information necessary to monitor for threats. With a single, agentless asset visibility solution and continuous threat monitoring, which can be quickly implemented and incorporated into IT systems and workflows, enterprises can move quickly to detect and mitigate risk. Translating the complexity of OT networks for IT Security Operations Center (SOC) researchers, such a solution allows IT and OT teams to work together and put the maximum power to bear on the organization’s resources. They should start detecting deviations from defined behavioral baselines, unwanted associations, and the existence of adversarial strategies, such as those in the current ICS system for MITRE ATT&CK, to quickly enforce mitigation recommendations.

Without the right defense equipment, we can not protect ourselves at this new battlefield. Let’s learn from previous economic warfare examples, and use NSA and CISA ‘s extensive findings and advice to our advantage. The stakes were never higher. Luckily, the difficulty lies in our capabilities to protect our OT environments.

 

ShareTweetShare
Previous Post

Best Phone Monitoring Apps For Android FREE

Next Post

Pulling the Right Data to Validate a Detection and Respond Effectively

Melina Richardson

Melina Richardson

Melina Richardson is a Cyber Security Enthusiast, Security Blogger, Technical Editor, Certified Ethical Hacker, Author at Cybers Guards & w-se. Previously, he worked as a security news reporter.

Next Post
Data Breach

Pulling the Right Data to Validate a Detection and Respond Effectively

Please login to join discussion

Free Online Tools

Article Rewriter Pro
Grammar Checker Pro
Plagiarism Checker
Online Ping Website Tool
Website Screenshot Generator
Website Source Code Finder

Free A To Z IT Tools Online

Free IT Tools Online
  • Trending
  • Comments
  • Latest
inurl technology

Latest Carding Dorks List for Sql Injection 2022

March 16, 2022
connect monitor to laptop two screens

How To Connect A Monitor To A Laptop And Use Both Screens?

February 10, 2021
how to connect two monitors to my laptop

How Do I Connect 2 Monitors To My Lenovo Laptop?

January 22, 2021
Gb Whatsapp An Unexpected Error

Gb Whatsapp An Unexpected Error

November 7, 2021
Windows Flaw

If Older Battleye software is used, Windows 10 1903 Blocked

0
Mac Os

New unpatched macOS bypass gatekeeper published online

0
Siemens Medical Products

Wormable Windows Flaw Affected Siemens Medical Products

0
Cloud Computing

5 Tips of the Personal Data Protection in the Cloud

0
Tips for Buying the Perfect Travel Sim Card

Tips for Buying the Perfect Travel Sim Card

August 5, 2022
How to Write Farewell and Appreciate Messages

How to Write Farewell and Appreciate Messages?

August 5, 2022
Cyber Security Degree In Pennsylvania

Ways Block Chain Affect Web Security in 2022

August 5, 2022

10 Tips on How to Improve your Software Development Skills

July 19, 2022

Quick Links

Learnopedia
Tech Write For US
Technology Write For US
Casino Write For Us
Mr.Perfect Reviews
Cyber Security Career

Recent News

Tips for Buying the Perfect Travel Sim Card

Tips for Buying the Perfect Travel Sim Card

August 5, 2022
How to Write Farewell and Appreciate Messages

How to Write Farewell and Appreciate Messages?

August 5, 2022
Cyber Security Degree In Pennsylvania

Ways Block Chain Affect Web Security in 2022

August 5, 2022

10 Tips on How to Improve your Software Development Skills

July 19, 2022
W-SE (Web – SEcurity)

W-SE regularly updates cyber attacks, hacking and events that provide IT security professionals with information throughout the world. Also offering news in W-SE. We spent two years living and sharing guidance and insights with IT experts, detailed analyzes and news.

We also train people with product reviews in different form of content.

Browse by Category

  • computer
  • Fraud & Identity
  • gaming
  • How To?
  • laptop
  • Malware
  • Microsoft
  • Mobile
  • photography
  • Privacy
  • Reviews
  • Security
  • Security Degree
  • Smart phone
  • smart tv
  • Social
  • software
  • Tech
  • Tech today
  • Top list
  • Uncategorized
  • Virus & Threats
  • Vulnerabilities
  • Website
  • What is?

Recent News

Tips for Buying the Perfect Travel Sim Card

Tips for Buying the Perfect Travel Sim Card

August 5, 2022
How to Write Farewell and Appreciate Messages

How to Write Farewell and Appreciate Messages?

August 5, 2022
  • About us
  • Contact
  • Disclaimer
  • Home
  • Privacy Policy
  • Resources
  • Support Forum
  • Tech Blog
  • Technology Write For Us
  • W-SE (Web Security)

© 2020 w-se.com - Powered by Fix Hacked Website, Cyber Special , SSL Authority Reviews Powered by Mr.Perfect Reviews.

No Result
View All Result
  • Tech today
  • Security
    • Malware
    • Top list
  • Vulnerabilities
  • How To?
  • About us
  • Disclaimer
  • Privacy Policy
  • Contact

© 2020 w-se.com - Powered by Fix Hacked Website, Cyber Special , SSL Authority Reviews Powered by Mr.Perfect Reviews.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In