One Article Review

Source AlienVault Lab Blog
Identifier 8443348
Publication date 2024-01-26 11:00:00 (seen: 2024-01-26 11:08:07)
Title Cybersecurity for Industrial Control Systems: Best practices
Text The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

Network segmentation, software patching, and continual threat monitoring are key cybersecurity best practices for Industrial Control Systems (ICS). Although ICSs significantly improve health and safety by automating dangerous tasks, facilitating remote monitoring and control, and activating safety protocols in the case of emergency, they’re increasingly exposed to cybersecurity threats. In 2022, there was a 2,000% increase in adversarial reconnaissance targeting Modbus/TCP port 502 (a widely used industrial protocol), allowing malicious actors to exploit vulnerabilities in operational technology systems. Fortunately, by taking steps to improve and maintain ICS cybersecurity, manufacturers can successfully reduce the attack surface of their critical infrastructure and keep threats (including phishing, denial-of-service attacks, ransomware, and malware) at bay.

ICS cyberattacks on the rise

ICS cyberattacks are on the rise, with almost 27% of ICS systems affected by malicious objects in the second quarter of 2023, data from Kaspersky reveals. Cyberattacks have the power to devastate ICS systems, damage equipment and infrastructure, disrupt business, and endanger health and safety. For example, the U.S. government has warned of a malware strain called Pipedream: “a modular ICS attack framework that contains several components designed to give threat actors control of such systems, and either disrupt the environment or disable safety controls”. Although Pipedream has the ability to devastate industrial systems, it fortunately hasn’t yet been used to that effect. And, last year, a notorious hacking group called Predatory Sparrow launched a cyberattack on an Iranian steel manufacturer, resulting in a serious fire. In addition to causing equipment damage, the hackers caused a malfunctioning foundry to start spewing hot molten steel and fire. This breach only highlights the importance of safety protocols in the manufacturing and heavy industry sectors. By leveraging the latest safety tech and strengthening cybersecurity, safety, security, and operational efficiency can all be improved.

Segment networks

By separating critical systems from the internet and other non-critical systems, network segmentation plays a key role in improving ICS cybersecurity. Network segmentation is a security practice that divides a network into smaller, distinct subnetworks based on, for example, security level, functionality, or access control. As a result, you can effectively prevent attacker lateral movement within your network. Lateral movement is a common technique in which hackers disguise themselves as legitimate users and their activities as expected traffic, which makes it hard to spot. Network segmentation also lets you create tailored and unique security policies and controls for each segment based on its defined profile. Each individual segment is therefore adequately protected. And, since network segmentation also gives you increased visibility into network activity, you’re better able to spot and respond to problems with greater speed and efficiency.

When it comes to 
Sent Yes
Tags Ransomware Malware Vulnerability Threat Patching Industrial
Stories
Rating ★★★


The article does not appear to have been picked up after its publication.


The article does not appear to be a repost of an earlier one.