Operational Technology Vulnerable to Cyber-Attacks

SeniorTechInfo
3 Min Read

The Dangers of Uncontrolled Remote Access Tools in Operational Technology

Security researchers have issued a warning about the uncontrolled use of remote access tools, highlighting the potential threats they pose to operational technology (OT) systems.

A study conducted by Team82, the research division of cyber and physical security company Claroty, revealed alarming statistics. More than half of organizations surveyed (55%) reported using four or more remote access tools (RATs), while 33% used six or more.

Upon analyzing data from over 50,000 remote access-enabled devices, researchers discovered that many businesses were using “non-enterprise grade” tools on their OT network devices. These tools lack essential security features like multi-factor authentication and privilege access management, leaving OT systems vulnerable to criminal attacks.

Furthermore, the study found that RATs designed for IT administration purposes were causing complications in OT networks. Issues such as lack of visibility for OT network admins, absence of central management for tool activity, and increased burden on managing network access rights and credentials were identified.

Through the excessive use of RATs, organizations inadvertently expand their attack surface, increasing the likelihood of security breaches. Even enterprise-grade RATs designed for IT systems may overlook the specific security requirements of OT environments.

Notably, some RATs have been associated with cyber-attacks. Team82 reports that TeamViewer and AnyDesk suffered breaches, highlighting the potential risks posed by these tools.

Team82’s researchers recommend organizations to implement controls on the use of RATs in OT and industrial control systems (ICS) and centralize their management with common access control policies. It is crucial for OT teams to enforce security standards across the supply chain and third-party vendors and minimize the usage of “low security remote access tools” in OT environments.

David Spinks of CSIRS emphasized the importance of regulating remote access software, stating that all such tools should be licensed and subjected to strict security controls.

With attacks on OT and manufacturing systems on the rise, including those perpetrated by nation-state actors, it is essential for organizations to prioritize the security of their OT networks.

For more information on attacks against OT systems, check out US and UK Warn of Disruptive Russian OT Attacks.

Share This Article
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *