What are the Most Common Risks in Operational Technology
In June 2023, while engaged in my regular tasks, I was doing my routine activities and arranging the backup files
on the Organization’s common data network. All of a sudden my computer screen got
locked and I had no access to my system. The first thing that I can
recall was that I immediately removed the Ethernet cable from the CPU LAN card
and switched off my computer. I then informed the field IT team about the scenario.
It was then handed over to the IT team; after 3~4 days, I was told that there
was a locker of Ransomware found on my computer and that the IT team would proceed with the reinstallation of the Windows operating system. I had no option other than to
accept this situation and ultimately had to lose all available data on my PC.
The bad situation for me was that this was a shared PC and my colleague had to
lose his data as well. This event led to a curiosity in me regarding this
topic and I have just started exploring this subject. I shall be sharing more
posts as the concept gets concrete.
This write-up intends to provide a list of the common cyber security risks to
operational technology (OT). These risks can have a huge impact on the
organization's business.
List of Risks in Operational Technology
- Ransomware
- Malware injection
- DoS attack (denial of service)
- Supply chain attack
- Insider
- Data breaches
- Zero-day exploits
- MITM attack (man-in-the-middle)
- Phishing
- Legacy systems, outdated technology
- Weak access control, compliance gaps
- No access control compliance
- Absence of physical security layer
- Human error
MALWARE
BlackEnergy (HTTP-based toolkit that created bots to execute
DDoS attacks).
BlackEnergy 1, 2, 3 (BE-3; aims at the DLL component in the local
app folder; Ukraine power grid cyberattack, 2015)