Cyber attacks on operational technology increasing

Ransomware: What board members should know and what they should be asking their technical experts

A recent report by FireEye’s Mandiant looked at attacks on operational technology control processes. Once viewed as complex due to access requirements, there are now many more internet-facing endpoints offering a wider attack surface.

Mandiant noted that attackers are not necessarily sophisticated, nor do they know what they are targeting. Graphical user interfaces have been accessed allowing attackers to modify variables without understanding the process being controlled.

The recent attack on Colonial Pipeline disrupted supply lines causing shortages is just one of a number of attacks against critical infrastructure networks.

Last year, in joint work, the NCSC released information for Critical National Infrastructure (CNI) organisations on effective use of the Security design principles and CISA, in the US, issued a summary of best practices for the security of Industrial Control Systems (ICS).