Global events have accelerated a new way of working. Whilst the change is disruptive and unplanned, everyone is adapting to it and simply getting on with this new norm. Unfortunately, this is also true for the opportunists and hackers, who have now modified their approach to focus more on looking for unsecured or poorly protected gateways. Research in March 2020 by Shodan, the search engine for Internet-connected devices, reveals that businesses globally are exposing their organisations to more risk as companies go remote due to COVID-19.
The March Effect
The number of devices exposed to the internet via Microsoft Remote Desktop Protocol (RDP) has increased by more than 40 percent, and the number of servers running VPN protocols on different ports has jumped by 30 percent from 7-10 million. One such protocol on the increase is the Point-to-Point Tunnelling Protocol (PPTP), an obsolete method for implementing virtual private networks that has a number of known security vulnerabilities.
John Matherly from Shodan says: “We've observed significant growth in other protocols (HTTPS) but one of the important areas where we've seen a worrying increase in exposure is for industrial control systems (ICS). The growth is not as large as for other protocols, but these are ICS protocols that don't have any authentication or security measures.”
A Disturbance in the Force
With the rapid increase in remote working, it is likely that systems have been implemented quickly without the due diligence that projects of this scope would usually require. The consequences of a breach of an Operational Technology (OT) network are likely to be far greater than for its IT counterpart, especially if this impacts productivity or safety.
If the benefits of remote working are now being seen and embraced, perhaps it’s time to take stock of what may have been hastily installed, and evaluate how to make these gains enduring but also secure.
Getting it right first time
At SolutionsPT we monitor and track the ever-changing cyber landscape to provide solutions that address the challenges faced within the OT industry. By taking a holistic approach to cyber security, we evaluate products that best suit the needs of our customers so they can suitably reduce their risk and maintain compliance. We partner with vendors such as Claroty, a provider of first-in-class solutions that has been named Company of the Year for IT/OT Security by independent market research firm Frost & Sullivan.
Our partners Claroty have just announced the strengthened Claroty Platform to deliver the industry’s broadest range of OT security controls in a single solution. With product updates to Continuous Threat Detection (CTD) 4.1 and Secure Remote Access (SRA) 3.0, the platform addresses four areas integral to risk reduction: visibility, threat detection, vulnerability management, and triage & mitigation.
All of Claroty’s OT security controls can be deployed rapidly and integrate seamlessly with existing IT security infrastructure. This helps to eliminate the burden of complex deployments, steep learning curves, and unfamiliar tools, all of which have long been barriers for achieving stronger industrial cybersecurity.
Despite social distancing and travel restrictions, we have successfully undertaken on-site proofs of concept and installations over the last few weeks. While the world is adapting, so are we, and we are ready to help you too.