How Automakers Can Put the Brakes on Malicious Activity in their OT Environments
July 13, 2020
At the end of 2019, the FBI issued a Private Industry Notification (PIN) warning of an increase in cyberattacks against the automotive industry. The PIN cited evidence of compromises to IT networks using brute-force attacks and phishing emails, resulting in ransomware infections and data breaches of personally identifiable information. The FBI assessed that malicious activity is likely to increase as the vast amount of data collected by autonomous and internet-connected vehicles makes manufacturers more attractive targets.
If Operational Technology (OT) networks could remain completely disconnected from IT systems, these attacks wouldn’t present a risk to automakers’ production environments. Unfortunately, that is not the case. IT-OT convergence has taken off as companies have unlocked tremendous business value from digitization initiatives that connect OT networks to IT systems for automation and inputs. Since OT networks are largely invisible to IT security teams, adversaries can enter through the IT side and remain undetected within the OT environment for months or even years, looking for subtle ways to undermine operations and create havoc.
To manage risk more effectively, auto manufacturers need to gain visibility across the entire OT environment. This is often a challenge for the following reasons:
Complex and diverse attack surfaces: Automakers typically have numerous, geographically dispersed factories with hundreds of networked assets, many of which are legacy devices.
Unauthorized users and misconfiguration: Many automakers struggle to effectively monitor and manage remote access to the OT environment and prevent unauthorized changes to OT assets, which can lead to misconfigurations and operational downtime.
Lack of production-related alerting: OT security incidents are often difficult to detect until after they have already begun to impact production, which can have a cascading effect on operations.
Download Claroty’s automotive-sector case study to learn why one auto manufacturer with more than 40 factories across two continents said, “Of all the platforms we evaluated, only Claroty’s was capable of giving us the unified view and total control we were looking for, and they did it with zero downtime. There honestly wasn’t even a close second.”
With The Claroty Platform—which includes Continuous Threat Detection, Secure Remote Access, and the Enterprise Management Platform—not only did this Claroty customer achieve comprehensive OT asset visibility, they also improved availability, reliability, and safety across their entire OT environment.
To see for yourself how Claroty can help your organization address its own unique OT security Challenges, request a demo today.