It is certainly not impossible to maintain an air-gapped control system network, but all too often risk assessments and penetration tests reveal that such networks are a dying breed. Likewise, numerous case studies and research into ICS-focused adversaries reveal many threat groups leveraging IT exploits to traverse into the OT network. Both scenarios confirm that OT and IT cybersecurity need each other for a holistic security posture. A recent case study by Mandiant’s OT Red Team, whose objective was to access the endpoint meter control infrastructure for a state-wide smart grid environment from the Internet and turn it off, illustrates how an ‘air gap’ separating OT assets from external networks is a rare exception and not the rule. Read more at FireEye.