Operational technology is a security challenge for industrial organizations around the world. The repercussions of an OT hack can pose dangers for society as a whole, as we saw recently in the Florida water hack.
Improving OT system security is a challenge. Many of these systems run on legacy applications and simply cannot upgrade to more secure versions. And the way to OT security is an even steeper uphill climb now than it used to be, thanks to the sheer quantity of remote connections needed in the COVID-19 work-from-home environment.
“We shouldn’t blame people who need to run legacy applications. We can help by deploying a number of deception legacy systems to attract threat actors and take and collect IoCs and TTPs.”
-David Barroso, CEO and Founder of CounterCraft [Tweet this!]
Deception is very useful in this context as a way to improve OT security. It works by providing a fully instrumented OT environment to access and explore for any threat actors, and this environment can even be programmed to automatically react to adversary behavior using rules-based responses.
Watch the full video featuring CounterCraft CSO Dan Brett and CEO David Barroso, to find out what happened from an IT security point of view and what can be done to mitigate these risks.