Hello guys, Here we are back again with the OT/SCADA Series of Blogs.
Today, we will be learning about OT attacks and Vulnerabilities.
Security threats and security posture of organizations those who use OT with evolving security threats need to attach the most importance OT security strategies to address security issues.
We will discuss about various OT threats and attacks such as
1. Hacking Industrial Networks
2. HMI attacks
3. Side-channel attacks
4. Hacking PLCs,
5. Hacking Machines via RF remote controllers, etc.
Since IoT converged with OT, attack surface areas of OT systems have also increased.
|Publicly Accessible OT Systems
|OT systems directly connected to Internet so vendors can remotely perform maintenance and diagnostics.
|Insecure Remote Connections
|Corporate networks use jump boxes to establish remote connectivity with the OT network.
|Missing Security Updates
|Outdated Software versions
|Default usernames and passwords for OT systems.
|Insecure Firewall Configuration
|Misconfigured access rules allow unnecessary access between corporate IT and OT networks.
|OT Systems placed withing Corporate IT network
|Interconnected Corporate IT network and OT systems, ability to gain unauthorized access to corporate IT systems through insecure OT devices.
|Insufficient security for corporate IT network from OT systems
|OT systems use outdated legacy and are accessed from remote locations.
|Lack of Segmentation
|Several OT networks have a flat and unsegmented configuration, which assumes all systems have equal importance and functions.
|Lack of Encryption and Authentication for Wireless OT networks
|Insecure and Outdated Protocols Ability to perform sniffing and authentication bypass attacks.
Maintenance and Administrative Threat – Attackers inject and Spread malware into target the maintenance and administration of OT Network.
Potential Destruction of ICS Resources
Denial of Service Attacks
HMI based Attacks
Exploiting Enterprise-Specific Systems and Tools
Exploiting unpatched Vulnerabilities
Buffer Overflow Attack
Exploiting RF Remote Controllers