The worlds of IT, operational technology (OT), and industrial control systems (ICS) are converging, increasing attack surfaces and exposing vulnerabilities. At the same time, the lines between digital and physical supply chains are blurring, and measures must be taken by organizations to ensure that security posture remains strong.
As the pandemic and remote work have expanded access points to critical infrastructure, the IT and OT cyberattack surfaces have grown significantly. An organization’s vital data is now often cycled through multiple workloads in a matter of seconds. The increasing use of 5G and the Internet of Things (IoT) — which significantly increase the computing footprint — as well as a general lack of supply chain security also pose significant challenges. 5G networks utilize edge computing, where applications, storage, and control functions that are required to run them are housed relatively close to end users and IoT endpoints or both. That’s a shift from centralized architectures common to 4G and earlier, and creates a much larger computing footprint.
This software proliferation is another major concern for the supply chain. Embedding threats into the components provided by telecom suppliers is one way to infiltrate 5G networks.
Vulnerabilities in the Increasingly Meshed Physical and Digital Supply Chain
Cyber breaches aren't static; their tactics and capabilities are always evolving. Many organizations don't even know when they’ve been attacked.
Hackers often seek out unsecured ports and systems on industrial systems connected to the Internet. IT/OT/ICS supply chains in continuous integration (CI) are particularly vulnerable as they offer attackers many points of entry, and legacy OT systems were not designed to protect against cyberattacks.
Protecting critical systems from cybersecurity threats is, of course, a difficult endeavor. They all have unique operational frameworks, access points, and a variety of legacy systems and emerging technologies. And a lack of trained skilled workforce is a continuing issue in the industry.
The explosion of connected devices is challenging the trends of hardware and software integration. This, combined with an increase in networked sensors, is creating attack opportunities for hackers across all digital infrastructures.
Protecting the Physical and Digital Supply Chains
To mitigate threats and address vulnerabilities, critical infrastructure operators must apply a comprehensive risk framework that includes security by design, defense in-depth, and zero trust.
Security by design monitors, manages, and maintains the security process. Defense in depth enables layers of redundant protective security measures to help deter data breaches. Zero trust focuses on protecting resources through strict identity and access management enforced by authentication and proper authorization.
It is especially important for the public and private sectors to coordinate, apply, and enforce industry security protocols, especially related to Supervisory Control and Data Acquisition (SCADA).
Following industry and government protocols derived from lessons learned is essential for protecting vital infrastructure. The vulnerability of infrastructure was illustrated clearly with the Colonial Pipeline ransomware attack, and the threat remains high. The specifics of a security approach may vary according to circumstances, but the common threads are situational awareness and information sharing between the public and private sectors. Guiding elements of risk management are provided in the National Institute of Standards and Technology’s mantra for industry: Identity. Protect. Detect. Respond. Recover. In an ecosystem of both physical and digital connectivity, there will be vulnerabilities, and a breach or failure could be catastrophic.
Cybersecurity technology that fortifies infrastructure is being developed in the areas of cloud security, authentication, and biometrics. Automation is an especially effective cybersecurity pathway, with the assimilation of emerging technologies such as artificial intelligence and machine learning helping to automate detection and trigger cyber defenses.
Innovations in networks, payloads, endpoints, firewalls, antivirus software, and encryption can also harden critical assets against attacks. When security by design, defense-in-depth, and zero trust are combined, overall cybersecurity posture is significantly increased.
It’s imperative that CIOs, CTOs, and other IT decision-makers collaborate with their technology and service providers to build a road map for infrastructure changes and hardware upgrades while keeping an eye on both security and compliance.
As supply chain manufacturers expand into unfamiliar territories, it is in organizations' best interest to ensure that adequate cybersecurity measures are in place across the entire supply chain. Protecting all connected assets is a critical component of supply chain security, going a long way toward preventing organizations from becoming yet another cyberattack statistic.