HMS Industrial IoT Blog

Stay up to date with the latest technical developments and trends within industrial communication and IoT.

Do you need cybersecurity on your Operation Technology (OT) applications?

by Kurt van Buul | Apr 30, 2021

Security

In a series of blogs we want to pay attention to the need for cybersecurity in Operation Technology (OT) applications. We start with a historical overview as an introduction.

The first IT viruses were developed in the early 1970s and in those days were spread via Floppy Disks and (later) USB sticks. They were originally created by programmers to show off their abilities. With the expansion of the Internet, viruses shifted towards cyber threads which we are all aware of. Cybercrime has now become an international business.

Meanwhile, OT was quite an innocent environment where PLCs, controllers and nodes simply worked together for a certain task. This changed drastically in 2010 with the discovery of the virus Stuxnet. Suddenly it became clear that OT could be at risk too!

Traditionally, OT was an “air-gapped” environment, meaning that it was not connected to external networks or other IT infrastructure. With the growth of the Industrial Internet of Thing (IIoT) or “Industry 4.0” the gap has been closed, and OT networks are widely connected to IT systems and to clouds.

Though IT Incidents are much more frequent, OT Incidents are more destructive. IT incidents often cause loss of data or value, with big impact to victims, but they are recoverable. A security breach in an industrial or infrastructure system can lead to so much more. The recent - but failed - attempts to adjust chemical levels in the water systems in Israel or Florida make clear what the threat towards larger groups, populations or even nations could be.

A black box for IT engineers

Bridging the gap technology wise, doesn’t imply the gap has been closed from an organisation or human point of view. OT has fundamentally different functionality compared to general IT and is still generally only known by specialists involved in their industrial applications. Their primary focus is on safety and process continuity. When IT security engineers look at OT systems they see an unknown world as some sort of black box. The components used are often screenless, communicate over industrial protocols never seen on IT networks, lack security tools (e.g. firewalls, antivirus) and are rarely patched.

On the other side, OT is not aware that they have become part of an IT environment. Why they are not aware of this, and how this came about, we will discuss next time.

View our extensive selection

Industrial IoT Blog

Stay up to date with the latest technical developments and trends within industrial communication and IoT
Explore our Media Collection

Media Library

Browse through the videos, podcasts, imagery, whitepapers, and ebooks created by HMS Networks
Customer Testimonials

Case Studies

Our customers speak for us when it comes to the quality and dedication we give to them, see all of our success stories.
Upcoming Events

Tradeshows and Events

See what events and trade shows HMS will be attending to have a look at our latest technology and speak to one of our experts.