3 Signs That Your OT Cybersecurity Measures Are Outdated
With the increasing frequency and severity of cyberattacks in recent years, organizations across all sectors have made cybersecurity their top priority, especially those in the manufacturing industry. This is no surprise, seeing as approximately 90% of manufacturing companies suffered some form of cyberattack on their production or energy supplies in 2021.
That being said, improving operational technology (OT) cybersecurity is easier said than done because of the many technical, operational, and investment obstacles involved. Regardless, as the world becomes increasingly digital, industrial organizations must find a way to overcome these barriers and make progress in securing their OT environments.
These are the signs to look out for that indicate your OT cybersecurity posture may be outdated and needs to be upgraded immediately.
1. Unsupported or outdated operating systems
Today, countless OT devices embedded with unsupported or outdated operating systems, like Windows 7, Windows XP, and even Windows 95, can still be found in many modern OT environments. This is because many OT systems and devices were developed way back when devices were still air-gapped, and things like authentication, encryption, and cybersecurity were not much of a concern.
A recent report from Microsoft underscores the prevalence of this issue, estimating that 71% of OT systems have unsupported or outdated operating systems, while 66% no longer have automatic updates. Unfortunately, not much can be done about these embedded systems unless the vendors that built them upgrade them. And even if they did, there would be a significant cost from the downtime involved in replacing these outdated systems and processes.
2. Weak or insecure passwords
Legacy software found in many dated OT devices comes with many shortcomings from a modern perspective, including the lack of stronger authentication. Operators familiar with these devices often do not see this as a problem, since insecure passwords provide convenient entry to the networks they need to access to do their jobs.
However, this also makes it easy for cybercriminals to gain unauthorized access by guessing or brute-forcing their way in. Earlier this year, the Cybersecurity and Infrastructure Security Agency warned that hackers were accessing internet-exposed uninterruptible power supply devices because they were still using default usernames and passwords.
To prevent cybercriminals from gaining unauthorized access to critical OT assets, consider adopting protective measures like OPSWAT OTFUSE™, an industrial IDS/IPS appliance that protects PLCs and other key devices by applying highly granular device access policies and enforcing device access zones.
3. Using traditional means of risk assessment
Another glaring issue with organizations using older OT cybersecurity is the design of their risk assessment. The traditional method starts with determining risks through a survey-based approach and reviewing the data from IT management databases. The data is then evaluated to create a roadmap of initiatives that must be completed over time.
This approach is appropriate in many IT environments since the initiatives are done centrally, but it poses significant problems when extended into a distributed industrial environment. First, survey-based assessments in ICS/OT environments generally yield insufficient practical information for many reasons: systems management data is lacking, on-site personnel typically do not know the answers to the questions, and so on. This leaves a weak foundation to build on.
Second, remediation is not an enterprise solution. More often than not, each facility or site requires a unique approach to patching, configuration hardening, etc., depending on its devices. Keep in mind that many environments do not operate from a central Active Directory server, which means enterprise solutions will require local deployments, leading to a substantial lag between assessment and remediation.
Conclusion
As operational technology becomes more cloud-managed and internet-facing, industrial sectors become more exposed to threats that could lead to more devastating consequences than IT data breaches. Given the inherent cybersecurity vulnerabilities of many OT systems, it is imperative to look for the signs that yours may need to be updated sooner rather than later.
If it is time to improve your OT cybersecurity, Allied Solutions can help you achieve your security posture goals. We deliver cost-effective turnkey solutions that meet your operational needs, including OPSWAT’s IT and OT critical infrastructure cybersecurity solutions designed to elevate your OT security posture. To learn more about our other products, such as Parsec’s TrakSys Software, GE Proficy Historian, and more, don’t hesitate to contact us today.