Tenable sees KRITIS operators exposed to increasing threat potential. Also one year after the severe attack on Colinial Pipeline & Co. with devastating effects. A comment from Tenable.
“In the XNUMX months since ransomware attacks struck JBS Foods and Colonial Pipeline, the sad reality is that the threat to critical infrastructure operators has increased rather than decreased.
Attackers only care about money - not the impact
Attackers recognize the impact they can have by influencing these environments and rely on it to monetize their attacks with increasing accuracy and frequency. KP Snacks suffered outages following an attack on its IT systems in February, and the current situation in Costa Rica, where the country has declared a state of emergency, shows the threat is far from over or trivial.
Critical infrastructure (KRITIS) is designed to be resilient, so taking these systems offline at all should be a huge wake-up call. The government recognizes the importance of resilience, as evidenced by the recent iteration 2.0 of the NIS Directive, which the European Commission claims will introduce "measures for a high common level of cybersecurity across the Union".
Better transparency of all IT and OT systems
All too often, it is the holistic visibility of all IT and Operational Technology (OT) systems that underpin our critical infrastructure that businesses struggle with and creates blind spots. When it comes to our physical OT environments, there are a myriad of hidden systems tucked away in a closet or under a desk that were temporarily installed, instantly forgotten, and underprotected.
Most ransomware exploits vulnerabilities created by misconfigurations and known but unpatched vulnerabilities in systems, meaning these attacks could be prevented. However, when it comes to KRITIS, it's not always easy. These systems are often complex and, in the case of industrial environments, rely on legacy devices and protocols that were not designed with either built-in security or external connectivity. But that is today's reality. To stem the tide and prevent ransomware from continuing to run amok, organizations need to identify the risks that exist within the infrastructure.
Companies need to identify the risks
This requires a holistic view of both IT and OT environments, the dependencies that exist for critical functions, and determining where vulnerabilities could be and where vulnerabilities actually exist. This helps in identifying what would lead to theoretical and practical harm. From this perspective, actions can be taken to remediate the risks where possible or to monitor the target systems associated with the risk to prevent attacks.”
More at Tenable.com
About Tenable Tenable is a Cyber Exposure company. Over 24.000 companies worldwide trust Tenable to understand and reduce cyber risk. Nessus inventors have combined their vulnerability expertise in Tenable.io, delivering the industry's first platform that provides real-time visibility into and secures any asset on any computing platform. Tenable's customer base includes 53 percent of the Fortune 500, 29 percent of the Global 2000, and large government agencies.