Cybersecurity 101: The Difference Between IT and OT Attacks

There are two categories of cyberattacks, but they can create a bridge to one another, creating a potential avenue for cybercriminals to access the organization.

The difference between IT and OT cybersecurity attacks.
The difference between IT and OT cybersecurity attacks.

According to “2021 Cybersecurity: Assess Your Risk,” a new report from PMMI Business Intelligence, Information Technology (IT) attacks “specifically target the enterprise IT systems at a manufacturer, seeking to gain entry through vectors such as email, a CRM system, or an ERP program, which can span across an operation.”

Operational Technology (OT) attacks “are designed to exploit the systems that are directly on the plant floor. An OT attack can originate through vectors such as individual sensors on the production line, SCADA/HMI panels, or even unsecured PLCs.” Said one CEO of a software security partner, “There have also been malware attacks on motion and vision systems on the plant floor, therefore it is imperative that manufacturers know their updates are only coming from trusted suppliers.”

While the IT and OT networks in an organization are distinct and separate entities, they can be connected to some extent, causing vulnerabilities to both ends of the operation. An example would be having access to an ERP system directly on the plant floor.

More on OT: Safeguarding Robots and Components

Vulnerabilities have been detected in both robotics and smart components on individual machines, and those that are connected to the enterprise network, or even directly to the internet, are vulnerable. Robotics can be programmed with malicious code to disrupt production and potentially damage the surrounding environment, while components like PLCs can be accessed to gain real-time visual surveillance of an operation.

   Read about which components are critical for risk assessment.

How cognizant are manufacturers to OT cyberattack risk? In a recent survey, 53% of responding manufacturers stated that their OT operations were vulnerable to potential tampering, and the same number revealed that they had a breach occur in OT operations within the last 12-24 months. Despite these facts, 81% of operations that security firm Dragos worked with in 2019 had extremely limited (or even no) visibility into their industrial control system (ICS)/OT networks, meaning they could not be monitored or analyzed for potential breaches. The report states that to properly address cybersecurity concerns and thoroughly harness emerging technology, manufacturers will first need to understand their operations, particularly those areas that are vulnerable to cyberattack.

Beyond understanding operations, people are also key to preventing attacks. Said one Managing Director at a cyber partner, “Manufacturers are receiving constant attacks of malware and ransomware and proper firewalls are a must, but most important is employee training: all people in your business are stakeholders in prevention.” And another automation engineer of a household products manufacturer said, “The greatest risks are the people inside the company lacking the experience and understanding on how to safeguard our intellectual property.”

Download this FREE report below.

Source: PMMI Business Intelligence, “2021 Cybersecurity: Assess Your Risk”

More in Business Intelligence