Operational Technology (OT) systems become more and more interconnected nowadays. So, it is pivotal to address the associated OT cybersecurity risks to safeguard critical infrastructure and ensure the resilience of industrial operations in the face of evolving technological landscapes.
That is exactly why the EU CHARM (Challenging Environments Tolerant Smart Systems for IoT and AI) project exists. And as part of the project, we at SSH are researching, developing, and deploying scalable and easy-to-use secure access security solutions for the OT industry. With our expertise in secure communications and access technologies, we aim to improve the overall safety, security, and cybersecurity of OT companies.
Here's what SSH's CTO Miikka Sainio (photo below) says on why we at SSH create cybersecurity solutions for the OT sector:
“As it stands today, the OT sector is behind the technology and security curve compared to traditional IT sectors. As such, building features which will specifically help OT companies secure their infrastructures plays an important part in the security of broader societies or ecosystems. Being able to make OT companies safer is not a reward, it’s a goal. So, we want our societies and companies to be safe, especially as the threats such as ransomware or hack attacks are growing and becoming more sophisticated. Today, ransomware is an industry itself - there is ransomware as a service or platforms from which one can buy attacks. Due to this, it is very difficult for individual companies, especially OT companies, to defend themselves against such threats.”
OT cybersecurity for human safety and business security – a new normal
The convergence of IT and OT transformed industrial processes, enabling efficiency and productivity gains. But this type of integration also introduced new OT security challenges. OT systems, originally designed for reliability and safety, often lack robust cybersecurity features, making them direct targets for cybercriminals.
“OT professionals care about protection against physical harm to their employees or customers. However, such harm can be done today with cyberattacks. As an example: A while ago, the city of Tampa, Florida, was about to host the Super Bowl event. The entire region was overpopulated for a few days. A malicious person tried to poison the water by increasing the concentration of certain chemicals that are used to clean the pipes by 100 times what they were supposed to be at a water treatment plant, located in a nearby city. If that water would have been released for consumption, it would have caused a terrible disaster, sending a lot of people to the hospital and shutting down the water supply in the city. Thankfully, it didn’t go this way because the plant operator noticed that his mouse pointer was moving by itself under the control of the hacker. Through acting, the operator saved a lot of people, but just because the attack wasn’t sophisticated enough to go unnoticed. This is why OT cybersecurity is critically important,”highlights Eduardo Giancristofaro, Channel Development Director at SSH.
“OT cybersecurity plays an important role: it helps its users to prevent loss of time and assure production to ultimately deliver its products to their customers.”
Investing in cybersecurity for OT systems helps companies avoid the ramifications of cyberattacks, protect critical infrastructure, prevent equipment damage and operational disruptions, comply with regulations, safeguard intellectual property, and ensure business continuity. It is imperative for organizations to prioritize OT cybersecurity in order to minimize potential risks and associated costs, enhancing the efficiency and security of their operations, technology, and environments.
“Above all, the most important outcome for a plant is uninterrupted production. If production stops, the manufacturer can risk the entire value chain. As such, maintaining a high uptime and utilization is paramount for improved unit economics. Here is where OT cybersecurity plays an important role: it helps its users to prevent loss of time and assure production to ultimately deliver its products to their customers“, explains Eduardo.
What would happen to OT without cybersecurity?
Find out about the societal impacts of OT without cybersecurity in our short video:
Latest developments on PrivX OT Edition, a modern access security solution for OT
A set of essential features was developed for SSH's privileged access management solution, PrivX, which enabled and helped the OT industry on its journey toward modern OT cybersecurity. In PrivX, the Entity Behaviour Analyst Module was implemented. It uses deep neural networks to learn about normal, typical behavior. Using connections' metadata, it can automatically detect suspicious or abnormal activity. For example, it can detect anomalous connections made at unusual times or from unusual source addresses.PrivX then alerts system admins and blocks the anomalous connections.
Miika Sainio comments on the Entity Behavior Analyst Module feature: “This is proactive OT cybersecurity in real time, and it is essential as IT and OT cybersecurity is flowing through the log files with the aim to detect from them what has really happened within directed systems.”
As such, the functionality is acting as historic forensics – if security is breached, the log files are used to troubleshoot the root cause of the incident and could decipher the stolen or damaged information and any further reasons for system downtime. Further, it can detect abnormal activity or usage before it happens. Like this, it prevents malicious parties from doing damage instead of just reporting that some damage was done.
“We verify that the user comes from a trusted identity provider, if they are in the correct access groups, and if they have the correct attributions or roles from the identity provider. Then, based on those attributions we map roles into PrivX, which can be used for system access. This is all proactive and dynamic in the sense that users don’t have permanent credentials to access the target systems. They can authenticate to PrivX, and then PrivX acts like a gatekeeper. The User Entity Behaviour Analytics ties into the PrivX story quite well - it enables us to have a more complete offering and better safety solutions for IT and OT customers,” adds Miikka.
We at SSH continue to improve and develop new technologies within the OT cybersecurity industry.
“Our modern approach fits very well, so I believe that we have a good opportunity to be the vendor of choice which can boost the advancement of the OT market,” concludes Esa Tornikoski, PrivX Product Manager at SSH.
NOTE: The CHARM project has received funding from the ECSEL Joint Undertaking (JU) under grant agreement No 876362. The JU receives support from the European Union’s Horizon 2020 research and innovation program and Finland, Austria, Belgium, Czechia, Germany, Italy, Latvia, Netherlands, Poland, and Switzerland.
We at SSH secure communications between systems, automated applications, and people. We strive to build future-proof and safe communications for businesses and organizations to grow safely in the digital world.