Tenable comment on NSA warnings of recent attacks on Operational Technology (OT) from Marty Edwards, former director of ICS-CERT and now vice president of OT Security at Tenable.
The background is the article published on the official website of the Department of Homeland Security: “NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems"
“NSA and CISA (Certified Information Systems Auditor) are currently warning of serious attacks against operational technology (OT, i.e. operating technology for monitoring and / or controlling industrial plants, processes and events) and critical infrastructure. This warning does not concern potentially possible attacks, but actually occurring attacks. Attacks have been around and hackers are still doing them right now.
Almost all of our lives are now dependent on OT - from our energy supply, the factories that make medical products to our drinking water. Society relies on OT and this dependency continues to grow. The merging of OT and IT means that OT devices are also more exposed to external threats than was previously the case with isolated systems.
OT operators currently have to be extremely vigilant and ensure that they have complete insight into their systems, devices and their vulnerabilities, whether IT or OT. The security teams should therefore prioritize which weaknesses are particularly serious, which are the easiest to exploit and which of the devices require maximum protection. "
More on this at Tenable.com
About Tenable Tenable is a Cyber Exposure company. Over 24.000 companies worldwide trust Tenable to understand and reduce cyber risk. Nessus inventors have combined their vulnerability expertise in Tenable.io, delivering the industry's first platform that provides real-time visibility into and secures any asset on any computing platform. Tenable's customer base includes 53 percent of the Fortune 500, 29 percent of the Global 2000, and large government agencies.