From financially motivated ransomware attacks to state-sponsored disruption of critical infrastructure, governments and enterprises are keenly aware that OT needs to be well protected.
As the Russia-Ukraine conflict has demonstrated, protecting critical infrastructure is a major part of national defense. Governments around the world are gravely aware of this.
However, with critical infrastructure such as telecoms, transport and utilities often managed and run by private enterprises, it behooves governments, defense organizations and private critical infrastructure companies to collaborate effectively to ensure essential operational technology (OT) infrastructure is protected, be it from war or from natural or man-made disasters.
Another aspect of such threats, of course, is locking critical infrastructure up until a ransom is paid. This is increasingly problematic as more OT networks converge with IT networks.
With possible attacks ranging from financially motivated cybercrime to state-sponsored cyber-warfare, what is at stake, and what can be done? CybersecAsia discussed these questions with Jess Ng, Country Manager, Singapore and Brunei, Fortinet.
How is the cyberthreat landscape changing in Asia?
Jess Ng: The cyberthreat landscape in Asia is rapidly changing, with the rise of ransomware cases being a major cause for concern. In Singapore, for instance, 137 ransomware cases were reported to SingCERT in 2021, a 54% increase over the 89 cases in 2020. This growth can be attributed to the increasing use of ransomware-as-a-service (RaaS) by threat actors, who can now easily lock people and businesses out of their devices and applications without requiring technical skills.
Another worrying trend is the evolution of dual-stage attacks, where threat actors conduct reconnaissance to search for sensitive files and components to tamper with, resulting in longer downtimes and loss of trust from customers.
Finally, the convergence of IT and OT technologies has led to an increase in OT-related attacks. With OT machines now connected to the network, organizations are deploying multiple security controls from different vendors, which exacerbates complexity and security gaps. It is crucial for organizations to integrate security controls to protect against evolving threats.
What would be the repercussions of a cyber-attack on our critical infrastructure?
Jess Ng: The consequences of a cyber-attack on critical infrastructure could be catastrophic. From crippling essential services like water, electricity, and transportation, to endangering national security and even human life, the stakes are high. Unfortunately, attacks on operational technology (OT) are becoming increasingly common, with 93% of OT organizations experiencing at least one intrusion in a 12-month period.
To protect against these threats, OT organizations must adopt a two-pronged approach: firstly, implementing zero-trust access (ZTA) to restrict access to sensitive resources, and secondly, investing in behavioral analysis methods to detect and neutralize suspicious activity. Without these measures, the consequences could be dire.
Why do critical infrastructures need to adopt a proactive approach to cyber defense?
Jess Ng: As IT and OT converge, protecting critical infrastructures from cyberthreats becomes increasingly complex. That’s why a proactive approach to cyber defense is crucial for safeguarding these systems from malicious actors.
By using a platform approach that provides complete visibility and control, organizations can extend security beyond their on-premises systems, including the operating system, network infrastructure, and IoT/IIoT devices.
This strategy also emphasizes behavior analysis and early threat detection, ensuring critical systems are protected at every connection point. With cybercriminals showing no signs of slowing down, a proactive cybersecurity strategy is essential to keeping critical infrastructures secure.
What advice do you have for Asian OT organizations to defend themselves against such attacks?
Jess Ng: OT organizations in Asia need to recognize the importance of developing robust OT cybersecurity strategies to defend against evolving threats. However, our survey found that only 26% of organizations in Asia Pacific have a mature OT security posture. This highlights the urgent need for a collective effort to establish a cyber-secure culture by bridging the gap between operations and IT.
Moreover, businesses need to address the skills gap in hiring for a broad range of security and IT network-related roles and specializations. Employee awareness is also crucial, with 56% of Asian leaders admitting a lack of it. Governments are also concerned, with 69% of national governments and 61% of state-level government organizations expressing similar sentiments.
To overcome these challenges, OT organizations must adopt platforms that support lean security teams with integrated, automated protection across evolving OT and IT environments. The security of critical infrastructures is only as strong as the weakest link, so it’s time to act now to defend against cyberattacks.