{"id":1677,"date":"2025-03-24T19:56:39","date_gmt":"2025-03-24T16:56:39","guid":{"rendered":"https:\/\/cbernet.com\/cyber-security-alert-in-critical-infrastructures\/"},"modified":"2025-04-10T18:47:35","modified_gmt":"2025-04-10T15:47:35","slug":"cyber-security-alert-in-critical-infrastructures","status":"publish","type":"post","link":"https:\/\/cbernet.com\/en\/cyber-security-alert-in-critical-infrastructures\/","title":{"rendered":"Cyber Security Alert in Critical Infrastructures"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"1677\" class=\"elementor elementor-1677 elementor-248\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-01d8e5a e-flex e-con-boxed e-con e-parent\" data-id=\"01d8e5a\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-05d2d97 elementor-widget elementor-widget-html\" data-id=\"05d2d97\" data-element_type=\"widget\" data-widget_type=\"html.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\n        <div class=\" meta-post et-shortcode\">\n\n                            <time class=\"entry-date published updated\" datetime=\"March 24, 2025\">\n                    24 March 2025                <\/time>\n                           \n        <\/div>\n        \t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-943de2a e-flex e-con-boxed e-con e-parent\" data-id=\"943de2a\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-99572af elementor-widget elementor-widget-heading\" data-id=\"99572af\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Why ICS\/OT Requires Special Controls and a Separate Cyber Security Budget<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0fa166a elementor-widget elementor-widget-text-editor\" data-id=\"0fa166a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Addressing ICS\/OT (Industrial Control Systems\/Operational Technology) security with traditional IT security methods is not only ineffective, but also high risk. In the rapidly changing world of cyber security, the needs of ICS\/OT systems are very different from traditional IT security. These engineered systems, which operate critical infrastructure such as power grids, oil and gas processing plants, heavy industry, food and beverage production, require specialised security strategies and controls due to their unique operational requirements and risks affecting the physical world. Protecting these systems against increasing cyber-attacks is critical for national security and economic stability. Implementing ICS\/OT specific cyber security controls and strategies is an effective and responsible approach.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-0a74429 e-flex e-con-boxed e-con e-parent\" data-id=\"0a74429\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0b40a17 elementor-widget elementor-widget-heading\" data-id=\"0b40a17\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Increasing Cyber Threats in ICS\/OT Environments<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-caebc79 elementor-widget elementor-widget-text-editor\" data-id=\"caebc79\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>ICS technologies, which form the basis of modern infrastructure, are becoming the target of increasingly sophisticated cyber attacks. These attacks usually aim to cause irreparable physical damage to critical engineering assets. Incidents such as TRISIS, CRASHOVERRIDE, Pipedream and Fuxnet demonstrate how cyber threats have evolved from mere nuisances to situations that can have devastating consequences. Such attacks by state-sponsored groups and cybercriminals go beyond financial gain and serve purposes such as war and sabotage. In addition, human-orientated ransomware and targeted ransomware against ICS\/OT systems have recently become a serious concern. According to data from the 2024 SANS ICS\/OT Cyber Security Survey, only 31% of respondents have a Security Operations Centre (SOC) with ICS\/OT-specific capabilities. This is a major deficiency in terms of effective incident response and system monitoring. Therefore, it is vital that critical infrastructures protect these engineered systems using ICS\/OT-specific threat detection and visibility controls.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-105f626 e-flex e-con-boxed e-con e-parent\" data-id=\"105f626\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-c2cfb31 elementor-widget elementor-widget-heading\" data-id=\"c2cfb31\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Assessment of ICS\/OT Cyber Security Expenditures and Risks<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ce844c3 elementor-widget elementor-widget-text-editor\" data-id=\"ce844c3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Some ICS\/OT organisations may have imbalances in security budget allocation. In the past, the majority of cyber security funding was allocated to IT networks and technologies. However, increasing interconnectedness, IT networks and the Internet pose serious risks to ICS\/OT environments. According to the 2024 SANS ICS\/OT Cyber Security Report, 46 per cent of attacks on ICS\/OT environments originate from a vulnerability in IT support networks, impacting ICS\/OT networks and operations. This highlights the fact that a coordinated cyber attack carries serious environmental, operational and human security risks.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-565ac9c e-flex e-con-boxed e-con e-parent\" data-id=\"565ac9c\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-5b7e950 elementor-widget elementor-widget-heading\" data-id=\"5b7e950\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Evaluation of ICS\/OT Security Controls<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c78c6b9 elementor-widget elementor-widget-text-editor\" data-id=\"c78c6b9\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>Applying traditional IT security measures in ICS\/OT environments can create a false sense of security and disrupt engineering operations. According to the 2023 SANS ICS\/OT Cyber Security Report, only 52 per cent of these facilities were found to have an engineering-focused incident response plan.<\/p><p>Approaches such as SANS Five Critical Cyber Security Control for ICS\/OT environments are of great importance. These controls are designed to adapt to an organisation&#8217;s risk model and provide implementation guidance.<\/p><p>Even just one of these controls, \u2018ICS Network Visibility Monitoring\u2019, provides benefits that go beyond security:<\/p><ul><li>Safe, passive traffic analysis to identify engineering assets<\/li><li>Elimination of engineering problems<\/li><li>Detection of security vulnerabilities<\/li><li>Meeting compliance requirements<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-322fc5c e-flex e-con-boxed e-con e-parent\" data-id=\"322fc5c\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-c2fdffc elementor-widget elementor-widget-heading\" data-id=\"c2fdffc\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Strategic Reassessment Opportunities<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b679748 elementor-widget elementor-widget-text-editor\" data-id=\"b679748\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>ICS organisations can become more resilient to threats by redirecting cyber security spending towards operational technologies. Purdue Model 1. with 3.5. These goals can be achieved by prioritising between levels<\/p><p>ICS\/OT leaders and analysts can validate and implement the SANS Five Critical Cybersecurity Checks. You can also attend the ICS515 course to be held in New Orleans in February, or at the 20th ICS515 course in June. They can meet with experts on these topics at the annual ICS Security Summit.<\/p><p>Kaynak: <a href=\"https:\/\/thehackernews.com\/2025\/01\/the-high-stakes-disconnect-for-icsot.html\">https:\/\/thehackernews.com\/2025\/01\/the-high-stakes-disconnect-for-icsot.html<\/a><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Why ICS\/OT Requires Special Controls and a Separate Cyber Security Budget Addressing ICS\/OT (Industrial Control Systems\/Operational Technology) security with traditional IT security methods is not<\/p>\n","protected":false},"author":1,"featured_media":1566,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-1677","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/posts\/1677","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/comments?post=1677"}],"version-history":[{"count":1,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/posts\/1677\/revisions"}],"predecessor-version":[{"id":1678,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/posts\/1677\/revisions\/1678"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/media\/1566"}],"wp:attachment":[{"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/media?parent=1677"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/categories?post=1677"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cbernet.com\/en\/wp-json\/wp\/v2\/tags?post=1677"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}