
Tenable Blog


Industrial Attack Vectors: How to Shut Down OT Threats Before An Incident Occurs


As industrial cyberattacks become more sophisticated, security leaders can use attack vectors to identify weak points in their OT infrastructure and stop attacks before they start. 

Operational technology has been around for decades, controlling the valves, pumps, transmitters and switches that keep our modern infrastructure humming. Protecting these critical functions has historically been a matter of physical security and safety. But as new connected devices populate modern plants and factories, OT infrastructures are increasingly vulnerable to cyberthreats — and the pace of attacks continues to grow.

Even if you’ve taken the most stringent measures to secure your OT assets, recent high-profile cyberattacks — from LockerGoga to Ripple20 — reveal the interconnected nature of modern industrial environments. Malware can easily traverse from IT devices to OT networks, and vice versa. Something as benign as a USB flash drive can provide a pathway to your most critical industrial control systems (ICS).

Convergence is increasingly playing a central role in ICS and thus must be at the core of any effective industrial security strategy. This begins with mapping the full extent of your modern OT environment, including every attack vector that a cyberthreat actor could potentially exploit.

Look beyond OT for a complete picture of your industrial attack surface

Mapping your full attack surface requires an adaptive approach to assessment. In addition to OT assets, industrial security leaders need visibility into IT and internet-of-things (IoT) devices, which comprise anywhere from 20-50% of modern industrial environments. They also need active querying technology capable of discovering the roughly 30% of dormant OT assets that are invisible to network- or passive-only detection. Seeing the full extent of your converged attack surface is key to eliminating blind spots across your environment.

Drill into situational data for every device and communication pathway

Finding “at risk” devices is the key goal of any reconnaissance effort. To defend your full asset inventory, you’ll need a deep understanding of each device’s build and current health, in order to harden it against attack. This includes information such as make, model, firmware, backplane details, open vulnerabilities and more. 

You’ll also want to understand each device’s position within your network, including the communication pathways between similar assets — such as controllers or workstations — which can become attack vectors if a malicious actor infiltrates your systems.

Address cyber exposure to stop attacks before they start

Traditional OT security has typically relied on a reactive security posture, essentially waiting for an attack to occur and only then addressing it. “Attack vectoring” — or investigating the potential routes that an attacker might take — makes possible a more proactive approach to securing your organization, by addressing the weak points in your OT infrastructure. By identifying high-risk pathways, open ports, unpatched vulnerabilities and much more, you’ll be able to identify how an attack may behave if introduced into your OT environment. 
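As an added illustration (not code from Tenable or from Tenable.ot), the sketch below models attack vectoring as a least-resistance path search over an asset inventory, so that the route toward a critical controller can be prioritized for hardening. The asset names, links and the cost model (a hop gets cheaper as unpatched vulnerabilities increase) are constructed assumptions.

```python
import heapq

# Constructed inventory (not from the article): asset -> exposure attributes.
ASSETS = {
    "eng-workstation": {"entry": True,  "critical": False, "open_vulns": 3},
    "usb-kiosk":       {"entry": True,  "critical": False, "open_vulns": 1},
    "historian":       {"entry": False, "critical": False, "open_vulns": 0},
    "hmi-01":          {"entry": False, "critical": False, "open_vulns": 2},
    "plc-boiler":      {"entry": False, "critical": True,  "open_vulns": 1},
}
# Constructed communication pathways: (source, destination) the source can reach.
LINKS = [
    ("eng-workstation", "historian"), ("eng-workstation", "hmi-01"),
    ("usb-kiosk", "hmi-01"), ("historian", "plc-boiler"), ("hmi-01", "plc-boiler"),
]

def hop_cost(assets, name):
    """Assumed resistance model: more unpatched vulnerabilities, cheaper hop."""
    return 1.0 / (1 + assets[name]["open_vulns"])

def weakest_paths(assets, links):
    """Dijkstra from all entry points; returns {critical asset: (cost, path)}."""
    graph = {}
    for src, dst in links:
        graph.setdefault(src, []).append(dst)
    heap = [(hop_cost(assets, a), [a]) for a, v in assets.items() if v["entry"]]
    heapq.heapify(heap)
    seen, best = set(), {}
    while heap:
        cost, path = heapq.heappop(heap)
        node = path[-1]
        if node in seen:
            continue  # already reached by a cheaper route
        seen.add(node)
        if assets[node]["critical"]:
            best[node] = (round(cost, 3), path)
        for nxt in graph.get(node, []):
            if nxt not in seen:
                heapq.heappush(heap, (cost + hop_cost(assets, nxt), path + [nxt]))
    return best

if __name__ == "__main__":
    for target, (cost, path) in weakest_paths(ASSETS, LINKS).items():
        print(f"{target}: resistance {cost} via {' -> '.join(path)}")
```

Re-running the search after setting an intermediate asset's `open_vulns` to 0 shows how much a single remediation raises the resistance of the easiest route to the controller.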

Attack vectoring redefines your ability to address OT attacks before they occur. Running simulations can reveal weak points and specific devices or sectors that require special attention or security interventions. In the figure below, you can see how an industrial security solution like Tenable.ot uses attack vectors to pinpoint the areas of your environment that put your most critical assets at risk: 

Attack Vector view of industrial controllers within Tenable.ot

In addition to hardening your devices, you’ll also want to cover your bases if and when an attack does occur. This means establishing alarms — based on policy, anomalies or attack signatures — at entry points across your network to warn of high-risk activity before any damage occurs.

Start playing offense today to prevent damage tomorrow

As cyberattacks continue to target critical infrastructure, security leaders need a proactive approach to defend their industrial environments from the next emerging threat. To learn more about how OT attack vectors can fit into your industrial security strategy, download our whitepaper, “Prediction of an OT Attack,” or request a free Tenable.ot demo.
