In 2020, ransomware attacks on the OT environment increased. Sixty percent of those attacks were on unpatched machines using legacy operating systems. What security measures should you employ to protect your OT assets?
Travis King speaks with Austen Byers, Director of Sales and Engineering, North America at Trend Micro, about:
- The difference between IoT and OT
- Why each requires different security measures
- New security developments in the OT market
IoT vs OT
As emerging technology brings operational hardware online, the distinction between IoT and OT is blurring. So how are they different?
According to Austen, IoT, which stands for the Internet of Things, covers products on the consumer side—such as a doorbell camera or a smart thermostat.
An OT (operational technology) machine is any machine that has a specific function or operation tailored to a particular industry. That would include things like an x-ray machine in a healthcare facility or robotics in manufacturing.
Different security measures
For IoT devices, an IT person can simply disconnect an infected machine regardless of the machine’s function.
OT devices, however, are often performing essential functions and any amount of downtime becomes a major issue. So an OT person’s main focus is often on keeping that device online and producing at all costs.
Developments in OT security
Attackers have seen how vulnerable OT environments are, and attacks have increased.
“In the past, companies relied on air-gapped environments and network segregation to protect the OT environment,” Austen says, “but companies are now connecting these machines for numerous reasons.”
This connectivity introduces new risks and could result in consequences such as:
- Financial losses
- Physical harm
- Negative public attention
Austen has witnessed the following three different types of attacks:
- Bleed over - a top-down attack in which the infection starts on the IT side and bleeds over to the more vulnerable OT environment
- Lowest level - a bottom-up attack in which the infection starts at the lowest level of the environment, for instance when a person who maintains OT devices inadvertently brings in a piece of malware on a laptop or USB storage device
- Harmful commands - commands that are malicious and cannot be stopped by traditional IP security
The TXOne Suite from Trend Micro is specifically designed for OT machines. It understands that availability is key, so the solution doesn’t impede operations.
“Being adaptive is the unofficial slogan for TXOne,” Austen says. “We have to be adaptive to all customer needs and policies across all of the different verticals in different industries that we deal with.”
For more information, visit Ingram Micro and Trend Micro, or contact the Ingram Micro IoT team at firstname.lastname@example.org.