Operational technology, or OT, is the term widely applied to the networks that control industrial processes. These are the supervisory control and data acquisition (SCADA) systems and networks that industrial and utility operations use to monitor, control, manage, and maintain the various processes they operate. For example, SCADA systems are essential in the efficient operation of the electric grid. OT systems are responsible for the oversight of the robots dedicated to assembly processes. Other OT systems control the flow of crude and refined petrochemicals in refineries.
Granted, this is a simplistic set of examples. The point is this: industrial processes have benefited as much as data processes from the advances in automation and digital control. They are also equally vulnerable to cyber threats. Industrial processes use different communication protocols and command/operational languages than those common to IT networks. Modbus, Conitel, Profibus, and variants are common communication protocols. Communication is often over dedicated, point-to-point RS-485 links.
Because many of the original and mid-generation protocols were proprietary to each provider, security was difficult to assess. Plus, operators and manufacturers both felt that OT systems were secure from cyber attacks because they were not connected to any networks that exposed communications to the outside world.
Today, almost all of this is a thing of the past. Most current OT systems use Internet technologies for communication. Data is collected from the field devices and communicated over networks nearly identical to those used by IT systems. The explosion of IoT devices further increases OT system vulnerabilities as devices can connect wirelessly rather than by twisted pair or other hardwired connections.
The result of all this is that OT systems are not as resistant to cyber attacks as they were before. In many cases, the manufacturers of the systems lack the skills needed to develop secure products. Let’s add another twist: many modern networking and communication solutions are overlaid on old communication protocols. The intent is to take advantage of investments in existing controls, meters, and monitoring equipment while providing human-machine interfaces (HMI) and data management capabilities that provide more sophisticated control and optimization capabilities.
In these “hybrid” systems, hackers can use the same tools they attack IT systems with, penetrate the new overlays, and find themselves in a network with virtually no security. Not only is system data at risk, but the hackers may also be able to operate control devices that can stop or endanger processes. Hackers also have the potential to attack OT systems at the device level, either at monitoring devices or data collection devices commonly referred to as remote terminal units (RTUs).
Data encryption is one method of protecting these crucial systems. Encrypting the data streams increases the difficulty for bad actors by shielding the information from being used and modified after interception. Think of it as the layer of protection lying beneath the firewalls and other access controls. Tools are widely available for attacking the communications streams, but robust encryption makes those efforts useless as the hackers cannot subvert the data.
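The tamper protection described above, as an added example (not CRIP.TO's product and not code from this page): a Modbus RTU frame carries only an unkeyed CRC-16, so the receiver here checks a keyed HMAC-SHA256 tag and a message counter before accepting a frame. It covers tamper and replay detection only; confidentiality would additionally need an authenticated cipher such as AES-GCM from a cryptographic library. The key, the counter layout and all function names are assumptions made for illustration.

```python
import hashlib, hmac, struct

TAG_LEN = 16  # truncated HMAC-SHA256 tag, to limit overhead on slow serial links

def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: an unkeyed checksum for line noise, not a security control."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc

def rtu_frame(unit: int, pdu: bytes) -> bytes:
    body = bytes([unit]) + pdu
    return body + struct.pack("<H", crc16_modbus(body))  # CRC is sent low byte first

def crc_ok(frame: bytes) -> bool:
    return len(frame) >= 4 and struct.unpack("<H", frame[-2:])[0] == crc16_modbus(frame[:-2])

def protect(key: bytes, counter: int, frame: bytes) -> bytes:
    """Sender: prepend an 8-byte counter, append a keyed tag over counter + frame."""
    header = struct.pack(">Q", counter)
    return header + frame + hmac.new(key, header + frame, hashlib.sha256).digest()[:TAG_LEN]

def verify(key: bytes, last_counter: int, message: bytes) -> bytes:
    """Receiver: return the inner frame, or raise ValueError naming the failed check."""
    header, frame, tag = message[:8], message[8:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(key, header + frame, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("bad tag")
    if struct.unpack(">Q", header)[0] <= last_counter:
        raise ValueError("replay")
    return frame

def demo() -> dict:
    key = bytes(range(32))  # constructed demo key; real keys are provisioned per link
    frame = rtu_frame(0x11, bytes.fromhex("0600010003"))    # constructed: write register 1 = 3
    altered = rtu_frame(0x11, bytes.fromhex("06000100FF"))  # constructed: value changed, CRC recomputed
    msg = protect(key, 1, frame)
    cases = {"genuine": (msg, 0), "altered": (msg[:8] + altered + msg[-TAG_LEN:], 0),
             "replayed": (msg, 1)}
    out = {"crc_accepts_altered": crc_ok(altered)}  # the CRC alone cannot tell the difference
    for name, (message, last) in cases.items():
        try:
            out[name] = verify(key, last, message).hex()
        except ValueError as err:
            out[name] = str(err)
    return out
```

A deployment also has to persist the last accepted counter across restarts and manage the per-link keys.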
CRIP.TO offers the most secure encryption solution available to non-governmental and non-military users. The custom encryption hardware guarantees that no backdoors or similar vulnerabilities are built in during development and manufacture. The encryption methodology itself is unquestionably the best on the market, using a custom recipe of open source techniques that themselves are free of backdoors and vulnerabilities. Find out more about how our solutions can harden your OT systems and ensure operation without interruption or compromise.