Cyber Defense eMagazine May Edition for 2022

More documents

Recommendations

Info

Device hardening Many of these devices operate in an environment of a customized special purpose hardware and software platform. The platform’s operating system is typically a stripped-down popular OS such as Windows or Linux. The underlying assumption is that such devices, corresponding platform, and the application will operate in a closed environment and do not need to be hardened for full security, as offered by a nonstripped standard OS. Lack of hardening is a risk that the modern-day attackers understand well and have figured out how to leverage. The other dimension to the security risk is the outdated OS such as Windows 95, NT, Windows 7, XP or similar older versions of Linux. The lack of upgrade to these OS from the OEM and lack of connectivity from these devices to the OEM adds to the hardening risk. The third dimension to the security risk is the arcane but field proven utilities. Based on their age and the design parameters for security, the risk should be assessed. Some of the obvious insecure utilities use unencrypted data such as ftp and sh instead of sftp and ssh. IoT management Information Technology (IT) is traditionally known as the technology that deals with information to make decisions to operate and protect its own infrastructure. In the world of IoTs the Operational Technology (OT) is employed and architected along with IT. OT is used to monitor and control the IoT/IIoT devices through a good understanding of the device which generates events and takes appropriate actions based on the generated event. OT operations on its own with no other outside connection is generally quite safe. However, IT and OT are inherently interconnected making it easier to pass inherent risks and benefits of each architecture to the combined infrastructure. OT acts as a bridge that increases the security risk to the IoT/IIoT infrastructure through expanded connectivity to the attackers. IT is traditionally more agile and less rigorous, requiring much more sophisticated security risk management. OT is inherently different on both fronts, the agility and rigor adding significant security risk while facilitating easier operations. To get a sense of heightened security risks, a Kaspersky analysis of its telemetry from honeypots in the 1st half of 2021, more than 1.5 billion IoT attacks were detected during the period. These were up from 639 million during the previous half. The rate of growth of attacks on the IoT/IIoT devices and the infrastructure has more than doubled causing increased attention to the security. Dated data management Information Technology is considered data centric whereas Operations Technology is considered management oriented. This is a good functional description and de-emphasizes the importance of data in Operations Technology. Most cyber security attacks are centered around the data and lack of emphasis on data in Operation Technology is fundamentally a risk. Cyber Defense eMagazine – May 2022 Edition 154 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Common risk metrics for these can be viewed from a couple of perspectives. One is how is the data accessed or is the data in transit encrypted? This is critical to ensure that even if someone accessed the data, can they do anything with it to take a detrimental action such as create operational disruptions, impose physical harm, or raise financial liability to name a few? The other aspect revolves around the data protection in the case a breach really occurs. This is referred to as data encryption at rest. This is generally not thought through during the system design of an IoT devices-based infrastructure such as control systems. There are many other risks that exist and we can probably go over them in the next installment of this article. To provide a glimpse of those risks, some of the standard proactive threat prevention methods can help us enumerate them and plan accordingly to mitigate them. These methods include authentication services, device manufacturer parameters such as default and maintenance access communication among collaborating devices and systems, operator errors or lack of security knowledge to name a few. Additionally, there is a class of industry specific risks. For example, fraud in financial IoTs is a commonplace occurrence. Similarly, the utility/energy companies have risks of service disruptions in the middle of the critical consumption period, overloading the inputs to permanently damage the entire infrastructure and literally stealing the outputs such as electricity, gas or water to cause huge financial damage. Risk Management Now that we know about the risks and challenges, let’s review the key components of risk mitigation and management. The saying “Intellectuals solve problems, geniuses prevent them” conveys the best approach from the design perspective, while the saying “An ounce of prevention is worth a pound of cure” describes the financial savvy of an organization. Security Hygiene Similar to the concept of healthy eating habits will prevent sickness while enhancing the longevity, security hygiene will help significantly in thwarting the attacks and hence provides one of the most effective mitigations. Some of this security hygiene include employing firewalls and Intrusion prevention systems to access Operations Technology Infrastructure and for Operation technology infrastructure to access physical devices infrastructure. This can also be augmented with modern authentication systems with safeguards such as multi-factor authentication to prevent unauthorized accesses. There are many other dimensions to security hygiene such as allowing encrypted traffic and reducing access levels down to need-to-know basis. The important aspect is to pay special attention to Security Hygiene as an important foundation for the security architecture and sharpening the focus on proactive security controls. Cyber Defense eMagazine – May 2022 Edition 155 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
Vulnerable Today, Hacked Tomorrow:
Page 3 and 4:
Interview with Morten Kjaersgaard,
Page 5 and 6:
@MILIEFSKY From the Publisher… De
Page 7 and 8:
Welcome to CDM’s May 2022 Issue F
Page 9 and 10:
Cyber Defense eMagazine - May 2022
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
occurs, then they are already too l
Page 25 and 26:
Understanding Russian Hacking Tacti
Page 27 and 28:
About the Author Chip Epps is the V
Page 29 and 30:
There are mobile device management
Page 31 and 32:
are complying according to a writte
Page 33 and 34:
‣ Map data transaction flows: A c
Page 35 and 36:
5 Key Learnings from Intel’s 2021
Page 37 and 38:
As with any broad technological hur
Page 39 and 40:
Zero Trust Architecture treats ever
Page 41 and 42:
Can you afford not to have zero tru
Page 43 and 44:
ETSI adopted a Delegated Act of the
Page 45 and 46:
deployment site3, ongoing secure up
Page 47 and 48:
References “EN 303 645 - V2.1.0 -
Page 49 and 50:
Tips for Implementing HITRUST for H
Page 51 and 52:
certified is only one part of a com
Page 53 and 54:
Cyber insurance policies: changing
Page 55 and 56:
Why cyber insurance matters? Cybera
Page 57 and 58:
If you want to establish SAP securi
Page 59 and 60:
A Resilience-Centered Approach to C
Page 61 and 62:
The importance of immediate action
Page 63 and 64:
1. Find a Cloud-Native Security Too
Page 65 and 66:
Interview with Morten Kjaersgaard,
Page 67 and 68:
About the Author Morten Kjaersgaard
Page 69 and 70:
The paucity of public fissures with
Page 71 and 72:
Keys to the solution are pairing id
Page 73 and 74:
The data shows that the digital ind
Page 75 and 76:
Penetration Tester Is Well-Renumera
Page 77 and 78:
through your network. In addition,
Page 79 and 80:
Centralized Decryption and Smart Tr
Page 81 and 82:
Data Poisoning Data poisoning happe
Page 83 and 84:
Cybersecurity’s New Frontier: Spa
Page 85 and 86:
About the Author Duncan Jones is He
Page 87 and 88:
to before. The capability of drones
Page 89 and 90:
Privileged Access Management as a K
Page 91 and 92:
• Which legal and industry compli
Page 93 and 94:
The Future of MFA Going Beyond Priv
Page 95 and 96:
The Real Value of MFA In a modern o
Page 97 and 98:
Historically, closing people out an
Page 99 and 100:
How The Updated CMMC 2.0 Rule Impac
Page 101 and 102:
• Physical Protection • System
Page 103 and 104: Bosch Aishield To Protect AI System
Page 105 and 106: About the Authors Amit is a seasone
Page 107 and 108: We could discuss the problems with
Page 109 and 110: Putting the Pieces Together Collect
Page 111 and 112: intermediaries, from cloud service
Page 113 and 114: A New Paradigm for Absolute Zero Tr
Page 115 and 116: Absolute Zero Trust - The Modern Pa
Page 117 and 118: 1) An insider with trusted access c
Page 119 and 120: Shaping a defense against insider t
Page 121 and 122: Right-Sized Access and The Least Pr
Page 123 and 124: Prevent Browser-In-The-Browser Phis
Page 125 and 126: seen recently through known vulnera
Page 127 and 128: Figure 1: CEMA operations (adopted
Page 129 and 130: cyberspace operations (CO) by stimu
Page 131 and 132: the challenges faced by all RF tech
Page 133 and 134: About the Author Brendon McHugh is
Page 135 and 136: security. Few, if any, enterprises
Page 137 and 138: In the case of our own tools, we ca
Page 139 and 140: question is how do you protect your
Page 141 and 142: Automotive is probably the most for
Page 143 and 144: Defend Your Castle with Zero Trust
Page 145 and 146: Make it all easier The great news i
Page 147 and 148: Transparency And Collaboration Betw
Page 149 and 150: About the Author Nick Sorensen is C
Page 151 and 152: Detecting and responding to threats
Page 153: Security Gotcha of Consumer and Ind
Page 157 and 158: The security system (XDR) should be
Page 159 and 160: Types of private personal data: •
Page 161 and 162: Google Passwords Check checks not o
Page 163 and 164: EXIF metadata includes camera model
Page 165 and 166: Russian mothers happily leak photos
Page 167 and 168: It looks like a regular document (l
Page 169 and 170: How the Cloud Upended Security - an
Page 171 and 172: as something that’s time consumin
Page 173 and 174: With the Office of Personnel Manage
Page 175 and 176: Cyber Defense eMagazine - May 2022
Page 193 and 194: CyberDefense.TV now has 200 hotseat
Page 195 and 196: Books by our Publisher: https://www
Page 199: Cyber Defense eMagazine - May 2022
show all

Cyber Defense eMagazine May Edition for 2022

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?