As organizations strive to achieve greater efficiency and streamlined control of their operations, they have increasingly connected their industrial control systems (ICS) and other operational technology (OT) devices and systems with IT systems. This interconnectivity has allowed critical infrastructure organizations to gain better visibility into their processes and has given employees the freedom to access hardware and software controls without being on-premise. Recently, this transition towards increased connectivity was accelerated due to the global pandemic. As organizations shifted to remote work seemingly overnight, there was a universal wake-up call that put a spotlight on their lack of secure remote access capabilities. Although this connectivity brought about by IT/OT convergence and the transition to remote working environments has allowed organizations to gain better decision making and increased flexibility, it has also introduced significant risk by expanding the attack surface for cyber incidents.
OT remote access allows employees, contractors, and vendors of industrial organizations to remotely connect to the assets and systems that underpin their OT environment. As a result, these personnel are able to monitor, control, maintain, and troubleshoot industrial equipment and processes without being on-premise at the facility. Operators, engineers, and technicians can establish a remote connection to access user interfaces, configuration settings, and real-time data, allowing them to adjust processes, make software updates, or troubleshoot problems. OT remote access provides many benefits to critical infrastructure organizations, such as increased efficiency, improved response time to emergencies, cost savings, enhanced collaboration among employees in dispersed locations, and the flexibility to monitor and control processes outside of working hours. Unfortunately, there is significant OT cybersecurity risk that comes along with remote access, causing cyber incidents to outpace the benefits.
The cyber-physical systems (CPS) that underpin industrial environments often lack even the most basic cybersecurity protections. This is due to the following challenges:
The majority of OT environments rely heavily on third-party and OEM vendors for technical support and maintenance activities. At times, manufacturing organizations may be working with hundreds of third-party contractors. Many industrial organizations, unfortunately, lack the ability to effectively monitor and respond to the number of changes these vendors make to their complex, geographically dispersed architecture. The challenge becomes even more complex because OEM vendors require access to vendor-specific assets for routine maintenance, resulting in a large number of remote connections that must be managed and tracked.
OT systems are typically connected to legacy devices that run outdated operating systems or software that is no longer supported. These devices are also not typically created with cybersecurity in mind and can have decades-long lifespans, which makes them easier to exploit.
Because of these long lifespans, applying patches and updates can be challenging, given concerns about disrupting critical processes. As a result, organizations often delay or avoid updates, leaving their system vulnerabilities unaddressed.
OT environments are typically managed by engineers, technicians, and operators who may not be fully aware of the potential risks and best practices for securing OT systems and devices. There is also a shortage of cybersecurity professionals with specialized OT cybersecurity knowledge, making it difficult to establish robust security measures.
Implementing effective OT cybersecurity strategies requires significant investments in technology, infrastructure, training, and personnel. With cost constraints affecting critical infrastructure organizations across industries, many prioritize other operational needs over cybersecurity and adoption of new technology due to limited resources.
Solutions like VPNs, commonly used in OT environments, pose considerable risks and introduce inefficiencies. VPNs face scalability and performance limitations, frequently requiring organizations to invest in additional resources and infrastructure to cater to growing remote access demands. They introduce direct connectivity to lower levels of the OT environment, often breaking the Purdue Model of control hierarchy. This model is designed to prevent direct communication between certain levels, ensuring a layered defense. However, VPNs bypass these layers, breaking the segmentation, exposing crucial control systems, and creating potential pathways for cyberattacks. This direct, unsegmented connectivity extends the organization's attack surface, allowing potentially less secure or compromised devices to connect to sensitive OT systems. On the other hand, alternative solutions like jump servers are extremely inefficient, costly to manage, and time-consuming, further amplifying the challenges of secure remote access.
The challenges listed above have further fueled the device visibility challenge so commonly faced by industrial organizations. Not only do organizations lack the invaluable knowledge of what assets are located in their geographically dispersed environments, they also lack visibility into who is connecting to these unknown assets. You can’t protect what you can’t see, which is why asset inventory is foundational in ensuring the resilience of OT environments.
Unlike IT systems, OT systems traditionally prioritize availability, reliability, and safety over security. Their goal is to ensure that critical infrastructure operations run smoothly and efficiently. When cybersecurity measures are viewed as secondary or are overlooked, the result can be serious cybersecurity implications and disruption to operations. Addressing these challenges requires a holistic approach, where IT and OT teams work collaboratively, and cybersecurity awareness is raised amongst stakeholders.
Now that we understand the challenges facing OT environments, it is important to distinguish between IT and OT cybersecurity when it comes to remote access. IT remote access refers to the connection to and management of systems such as servers, workstations, network devices, and databases. This form of remote access allows IT administrators, support personnel, or users to remotely access and control IT infrastructure to perform tasks such as software management, troubleshooting, or data retrieval. These IT systems are used for business operations, data processing, communication, and information management. OT remote access, on the other hand, typically manages systems in industrial environments, including industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, programmable logic controllers (PLCs), and other devices used to monitor and control industrial processes. Unlike IT systems, these OT systems are dedicated to controlling and monitoring industrial processes, including manufacturing lines, power generation, oil refineries, water treatment plants, and more.
As we discussed, OT systems and devices tend to have decades-long lifecycles and are updated much less frequently than IT systems. They also operate in highly complex and interconnected environments, which will only become more interdependent as the extended internet of things (XIoT) continues to grow. Additionally, the consequences of a cyberattack on OT systems are more severe than on IT systems, with the potential to cause physical damage, environmental impacts, disruption of critical services, or compromised public safety. The impact of a cyberattack on an IT system can be significant in terms of data breaches, financial losses, or reputational damage, but the immediate physical consequences are usually much less severe. Due to the critical nature of OT environments, the risks, challenges, and priorities of IT and OT remote access greatly differ. However, it is crucial that organizations adopt a comprehensive cybersecurity strategy that considers the specific requirements of both IT and OT, and this starts with the adoption of zero trust.
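The segmentation point above can be checked against flow records. The following is an added example, not part of the original article: it flags connections that pass between enterprise and OT levels without terminating in the industrial DMZ, and connections to endpoints missing from the inventory. The zone map, the level 3.5 DMZ convention, and the sample flows are assumptions constructed for illustration.

```python
import csv
from io import StringIO
from ipaddress import ip_address, ip_network

# Assumed zone map (constructed): subnet -> Purdue level; 3.5 is the industrial DMZ.
ZONES = [
    (ip_network("10.50.0.0/16"), 5.0),  # enterprise network, VPN client pool
    (ip_network("10.35.0.0/24"), 3.5),  # industrial DMZ, remote access broker
    (ip_network("10.30.0.0/16"), 3.0),  # site operations: historian, engineering
    (ip_network("10.20.0.0/16"), 2.0),  # supervisory: HMI, SCADA servers
    (ip_network("10.10.0.0/16"), 1.0),  # basic control: PLCs, RTUs
]
DMZ = 3.5

# Constructed flow records, as a firewall or flow collector might export them.
SAMPLE_FLOWS = """user,src,dst,dport
vendor-a,10.50.7.21,10.35.0.10,443
vendor-a,10.50.7.21,10.10.4.15,502
eng-kim,10.35.0.10,10.30.2.8,3389
vendor-b,10.50.9.40,10.20.1.5,5900
eng-kim,10.30.2.8,10.99.0.3,22
"""

def level_of(addr):
    """Return the Purdue level for an address, or None if it is not in the zone map."""
    ip = ip_address(addr)
    for net, level in ZONES:
        if ip in net:
            return level
    return None

def classify(src, dst):
    s, d = level_of(src), level_of(dst)
    if s is None or d is None:
        return "unknown-asset"   # visibility gap: endpoint missing from the inventory
    if min(s, d) < DMZ < max(s, d):
        return "bypasses-dmz"    # enterprise and OT talking without a DMZ hop
    return "ok"

def audit(flow_csv):
    """Return (user, src, dst, dport, verdict) for every flow that is not 'ok'."""
    findings = []
    for row in csv.DictReader(StringIO(flow_csv)):
        verdict = classify(row["src"], row["dst"])
        if verdict != "ok":
            findings.append((row["user"], row["src"], row["dst"], int(row["dport"]), verdict))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```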
According to Gartner, zero trust is a “security paradigm that explicitly identifies users and devices and grants them just the right amount of access so the business can operate with minimal friction while risks are reduced”. Although zero trust is top of mind for most organizations as a critical strategy for reducing risk, few have actually completed zero trust implementation. It is essential for organizations to implement a zero trust strategy that addresses cyber threats and balances the need for security with the need to achieve operational resilience. Through zero trust adoption, organizations will shift their objectives by requiring continuously assessed, explicitly calculated adaptive trust between users, devices, and resources. Ultimately, zero trust principles will benefit OT remote access in the following ways:
Reduces unauthorized access by granting access only to specific OT systems and ensuring users have only the level of access necessary to perform their specific tasks.
Provides an additional layer of security with continuous authentication. Continuous authentication will help to verify a user's identity and trustworthiness throughout the remote session.
Emphasizes network segmentation by allowing fine-grained control over network traffic. This will allow organizations to isolate critical OT systems from less-trusted environments — reducing the attack surface and limiting the lateral movement of threats.
Protects applications and data regardless of their location or the devices accessing them. This allows organizations to discover, classify, and manage data access according to risk.
Supplies analytics and visibility to detect anomalies, suspicious behavior, or potential security incidents. By establishing continuous monitoring, organizations can identify potential threats or unauthorized activities in real-time — allowing for timely response and mitigation.
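The first two principles in this list (access only to specific systems, and continuous authentication during the session) can be expressed as a default-deny check that is re-run against every live session. This is an added example, not part of the original article and not any vendor's implementation; the grant fields, the 15-minute re-authentication limit, and all names and timestamps are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    user: str
    asset: str
    protocol: str
    not_before: int   # epoch seconds, start of the approved window
    not_after: int    # epoch seconds, end of the approved window

@dataclass
class Session:
    user: str
    asset: str
    protocol: str
    last_auth: int    # epoch seconds of the most recent successful authentication

REAUTH_MAX_AGE = 900  # assumed policy: re-verify identity at least every 15 minutes

# Constructed grants: a vendor maintenance window on one PLC, an engineer on one HMI.
GRANTS = [
    Grant("vendor-a", "plc-line3", "telnet", 1_700_000_000, 1_700_007_200),
    Grant("eng-kim", "hmi-boiler", "rdp", 1_700_000_000, 1_700_086_400),
]

def evaluate(session, now, grants=GRANTS):
    """Return (decision, reason). Default is deny: access needs an explicit, current grant."""
    key = (session.user, session.asset, session.protocol)
    matching = [g for g in grants if (g.user, g.asset, g.protocol) == key]
    if not matching:
        return ("disconnect", "no explicit grant")
    if not any(g.not_before <= now <= g.not_after for g in matching):
        return ("disconnect", "outside granted window")
    if now - session.last_auth > REAUTH_MAX_AGE:
        return ("reauthenticate", "authentication too old")
    return ("allow", "explicit grant, fresh authentication")

def sweep(sessions, now):
    """Re-evaluate every live session; return alerts for those that may not continue as-is."""
    alerts = []
    for s in sessions:
        decision, reason = evaluate(s, now)
        if decision != "allow":
            alerts.append((s.user, s.asset, decision, reason))
    return alerts
```

Running `sweep` on a timer rather than only at connection time is what makes the check continuous: a session that was valid when it opened is cut off once its window closes or its authentication ages out.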
By adopting zero trust principles, critical infrastructure organizations can begin to establish a robust industrial cybersecurity framework and ensure they are reducing the risk of unauthorized access, data breaches, and compromise of critical OT systems. But organizations still struggle with where to begin when it comes to implementing this proactive and layered approach to security. Next, we’ll discuss the best approach for establishing a strong OT remote access strategy to achieve cyber and operational resilience.
OT remote access is the most commonly exploited attack vector for industrial environments. That’s why Claroty created its Secure Remote Access (SRA) tool to eliminate this risk with a secure architecture and granular access controls. SRA is an OT remote access solution that extends zero trust based access controls by removing the complexity and administrative barriers to effective, efficient remote access to industrial environments for both internal and third-party users. It allows access only if permission has explicitly been granted, and it alerts on and disconnects unauthorized remote access sessions. Administrators can also define and enforce granular access controls for industrial assets at multiple levels and geographic locations, and additional policies can be created for each asset to ensure the health and operability of the environment. SRA also extends to legacy assets, which do not support modern protocols. SRA supports the Telnet protocol to allow remote sessions to legacy assets, while maintaining tight security for the overall environment. The tool also has the capability to integrate with your organization’s existing security solutions, allowing for centralized security management, real-time threat detection, and the ability to correlate remote access activities with other security events in the OT environment. This feature allows for closer coordination between IT and OT security teams, providing them with the cybersecurity awareness they need to protect their critical infrastructure environments.
At Claroty, we understand that zero trust is not a one-solution challenge. By integrating with best-in-class solutions, SRA helps organizations to successfully implement zero trust policies, addresses any gaps in zero trust frameworks, and provides a purpose-built OT remote access solution to enforce these principles. It tackles the specific challenges posed by managing numerous third-party and OEM vendor connections, maintaining visibility of asset access, and offering a more secure and efficient alternative to VPNs that respects the Purdue Model and maintains the necessary segmentation of OT environments. SRA enables organizations to provide greater value and establish cybersecurity best practices, reducing the risk of unauthorized access, data breaches, and other cyber threats in critical infrastructure environments.