Before we begin, let’s start with a (seemingly) silly question: What do a water treatment facility, a large electric plant, a meat processing plant, and a large brewery have in common? If you happened to muse, “I wonder if these have all been targets of OT infrastructure breaches?”, then you’re right! These operations (and many others like them) may not seem to be ripe targets for global hackers at first glance. However, in this post we aim to pull back the covers just a bit to uncover vulnerabilities inherent in OT systems and the attacks that have been leveraged against them.
Operational Technology (OT) - Simply put, OT is the integration of hardware and software systems that monitor and/or control physical processes in industrial and critical infrastructure settings.
Programmable Logic Controller (PLC) - PLCs are industrial computers typically used in industrial or manufacturing settings to monitor or control processes. These computers are purpose-built and typically ruggedized with specific form factors to fit into rackmount systems. PLCs are essentially the “atomic elements” of larger systems (discussed next in this list).
Industrial Control System (ICS) - An ICS exists to monitor or control industrial processes, such as those present in power plants, manufacturing processes, or oil and gas pipelines. Data can be output from the systems for humans to view or fed back into the system to maintain specific parameter states. A distributed control system (DCS) may amalgamate a number of ICSs.
Supervisory Control and Data Acquisition (SCADA) - SCADA systems are typically networks of ICSs that integrate computers and networking equipment for centralized control and monitoring of production data.
While IT and OT security share similar characteristics, these two topologies are quite dissimilar in their use case and scope. Fortinet identified four primary differences between the two:
Critical operations controlled by ICSs and SCADA systems are being targeted by hackers from around the world. These systems may be used to manufacture goods, provide power to citizens, or even control a city’s water supply. In the next post, we take a look at how both governments and commercial operators are bolstering defense capabilities to resist efforts made by nefarious actors.
Thanks so much for reading this post; we look forward to seeing you next time!
If you’re interested in finding out more about securing OT systems, check out the resources below:
Take the next step toward continuous security improvement
With SimSpace, you can assess
and optimize your complete
security posture — all in one platform
Stay connected
to SimSpace
Want to stay on top of the latest SimSpace
and cybersecurity news and updates?
Please enter your email below
By filling out this form, you agree to SimSpace's terms of use and privacy policy