In the last decade, there has been a lot of talk about oncoming digital transformation and industry 4.0 — but in reality it’s already here. We’re living in a technology-driven era with pervasive connectivity in everything from our homes to the factory floor. While this highly networked existence has streamlined many work processes and made our collective lives more convenient, it has also opened up a host of new vulnerabilities. This is especially the case when it comes to operational technology (OT) and older legacy systems. Is this all sustainable or are we heading for cyber chaos?
The benefits of this connectivity are obvious, said Moty Kanias, VP of cyber strategy and alliances at NanoLock. Interconnectivity has powered everything from self-driving cars to medical devices to the plant floor. But there is also a dark underbelly to putting everything on the internet. OT systems tend to be older, making them more complicated to protect and exacerbating the problem.
“When you think of it and look at it closely, you’ll find that it’s just a bunch of legacy software and legacy hardware that are all connected together, with new and complex software and hardware that are all connected together,” Kanias said. “Therefore, it’s not as strong as we want it to be. Vulnerabilities are all around non-supporting systems. There are still companies that are using Windows XP. There are organizations that don’t patch their systems. And when programming gets more and more complex, there are more and more human vulnerabilities and coding. That’s not good for our future.”
OT systems under attack
This influx of connectivity has made OT systems, especially critical infrastructure, more susceptible to attacks. One of the reasons for this is because there isn’t a clear border between information technology (IT) and OT systems anymore. As OT and IT get mixed together, everything is flattening. In addition, legacy OT is likely to cause a lot of cybersecurity problems in the future, with cyber criminals and nation-state actors alike looking to create chaos.
“Different governments that are looking for a quick buck or a better way to win the next war are doing everything in their power to destroy the systems that we rely on, which are operating systems, hardware,” Kanias said. “There will come a time – it could be in the next war – that we will have something a bit more frightening than a big [Chinese] balloon with sensors on it. It might be the beginning of the first cyber war, which is what I call cyber chaos.”
Technology only moves in one direction. If we look at the plant floor or a hospital, it’s nearly certain that there will be more technology and more connected systems in the future than there are now. Every day, people use more technology, have more devices connected, generate more data, require more computing and use more programs. This obviously leads to more vulnerabilities, especially given that people don’t always fix or patch their systems. This leads to the attack surface just getting bigger every day.
Closing the connectivity gap
Here’s the good news: In the face of all this threat, new products and cybersecurity vendors are coming online every day. People are working to solve these problems, while emerging technologies like artificial intelligence can be leveraged to manage the growing attack surface. Unfortunately, if we examine the amount and quality of recent attacks and compare them to where cybersecurity has progressed, there is a huge gap. It’s essential cybersecurity professionals work together to try to close this gap.
“We must close [this] together to make sure that we at least give adversaries some challenge before they can take down the electric grid, manufacturing critical infrastructure or tomorrow our banking systems,” Kanias said. “There are countries that are hitting the base of the world’s technology — attacking Microsoft, attacking Linux systems, which are just the backbone of everything we rely on now, including manufacturers of computers. It’s all around. And when you put them all together — supply chain, third-party, insider problems, which are just human vulnerabilities other than technology vulnerabilities — you just find something that is too big to take care of with today’s regulations or even cybersecurity systems. The gap is just too big.”