There was a time, not too long ago, when the only things connected to IT networks were IT devices. You know, computers and such. But that’s not true anymore.
Today, it seems like everything is connected to IT networks, including most devices which are part of an organization’s operational activities. And if they’re connected to the IT network, they are vulnerable to cyberattacks, just like IT devices.
OT Crashes the IT Network
From Tripwire, “Operational Technology is the combination of hardware and software that controls and operates the physical mechanisms of industry. OT systems play an important role in the water, manufacturing, power, and distribution systems that transformed industry into the modern age.”
The problem with securing existing OT systems is that most OT devices were never intended to be connected to an IT network. According to Otorio, “Traditionally, OT was an ‘air-gapped’ environment, meaning that it was not connected to external networks or digital technologies.” Or, if they weren’t air-gapped, they were connected to a non-IP network like SCADA, which was isolated from a company’s IT network.
Ironically, the SCADA devices were the first devices to crash (i.e., be connected to) the IT network. They did that by using small devices specifically designed to convert the SCADA protocol to IP. Of course, these first-generation devices were sitting ducks for cyber attackers, as they were never designed with any internal defenses. Many of these devices are still in use today.
The second generation of OT-connected devices are native IP devices. That means they don’t need an additional device to convert one protocol to another to connect it to the IT network. But, because most of these newer devices are intentionally designed to conserve power (some are even battery powered), they have almost no extra processing power or data storage. In other words, they’re not in a position to defend themselves against cyber-attacks either.
So, you’ve got all of these first generation and second generation OT devices connected to the IT network, and almost none of them are in a position to defend themselves. How can your organization address this? The same way it does with IT devices. With threat modeling.
Threat Modeling to the Rescue
Threat modeling may have initially been intended to only model threats in software applications, but today threat modeling is used to model threats anywhere in the digital ecosystem. That includes OT devices connected to the IT network.
The reason it’s become essential to use threat modeling “companywide” is that connecting OT devices to the IT network can make otherwise secure applications insecure. Everything on the network affects everything else. So, if you’re not threat modeling it all, as one total system, you may be overlooking something.
To make matters worse, in many companies, IT doesn’t communicate with OT, so they may not even know what OT devices are connected to their network.
Threat modeling today is about looking holistically at all attack surfaces—not just the obvious ones. That requires both bottom-up modeling of individual systems and top-down modeling, looking at everything and how it interacts. It also requires someone from corporate security, someone with a greater perspective, to get involved and to talk to people in both the IT and OT departments.
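The bottom-up and top-down views described above can be combined in a small model. The following is an added example written for this page, not ThreatModeler's code or output: it uses a constructed inventory (asset names, the "defended" flag, and the links are all made up) and a deliberately simple rule, stated in the comments, that a compromised device can pivot across any unfiltered link but not across a link that passes through a segmentation firewall. The bottom-up step lists the OT devices that cannot defend themselves; the top-down step walks the network from each of them and reports which IT assets they can reach, which is exactly how an "otherwise secure" application ends up exposed.

```python
from collections import deque

# Constructed inventory: each asset with the properties the post calls out.
# "defended" means the device can run its own controls (authentication,
# patching, host firewall). First-generation protocol converters and
# power-constrained native-IP sensors are marked undefended, as described.
ASSETS = {
    "scada_plc":       {"kind": "OT", "generation": 1, "defended": False},
    "proto_converter": {"kind": "OT", "generation": 1, "defended": False},
    "battery_sensor":  {"kind": "OT", "generation": 2, "defended": False},
    "hmi_workstation": {"kind": "IT", "generation": 0, "defended": True},
    "historian_db":    {"kind": "IT", "generation": 0, "defended": True},
    "erp_app":         {"kind": "IT", "generation": 0, "defended": True},
}

# Constructed links: (a, b, controlled). A link is "controlled" when it passes
# through a segmentation firewall or DMZ that filters traffic. Simplifying
# assumption for this model: a compromised device cannot pivot across a
# controlled link, but can traverse any uncontrolled link in either direction.
LINKS = [
    ("scada_plc", "proto_converter", False),
    ("proto_converter", "hmi_workstation", False),
    ("battery_sensor", "historian_db", False),
    ("hmi_workstation", "historian_db", False),
    ("historian_db", "erp_app", False),
]


def undefended_entry_points(assets):
    """Bottom-up step: OT devices that cannot protect themselves."""
    return sorted(n for n, a in assets.items()
                  if a["kind"] == "OT" and not a["defended"])


def _adjacency(assets, links):
    adj = {name: set() for name in assets}
    for a, b, controlled in links:
        if controlled:
            continue  # filtered boundary: not a free pivot path in this model
        adj[a].add(b)
        adj[b].add(a)
    return adj


def reachable_from(start, assets, links):
    """Top-down step: every asset a compromised `start` could reach (BFS)."""
    adj = _adjacency(assets, links)
    seen, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in adj[node]:
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    seen.discard(start)
    return seen


def exposed_it_assets(assets, links):
    """Combine both views: IT asset -> sorted OT entry points that reach it.
    An IT application appears here purely because of what it is connected to,
    regardless of how well it defends itself."""
    exposure = {}
    for entry in undefended_entry_points(assets):
        for node in reachable_from(entry, assets, links):
            if assets[node]["kind"] == "IT":
                exposure.setdefault(node, []).append(entry)
    return {k: sorted(v) for k, v in sorted(exposure.items())}


def add_boundary(links, pairs):
    """Mitigation: mark the given links as controlled (segmentation firewall)."""
    wanted = {frozenset(p) for p in pairs}
    return [(a, b, c or frozenset((a, b)) in wanted) for a, b, c in links]


if __name__ == "__main__":
    print("Undefended OT devices:", undefended_entry_points(ASSETS))
    print("Exposed IT assets, flat network:", exposed_it_assets(ASSETS, LINKS))
    segmented = add_boundary(LINKS, [("proto_converter", "hmi_workstation"),
                                     ("battery_sensor", "historian_db")])
    print("Exposed IT assets, OT segmented:", exposed_it_assets(ASSETS, segmented))
```

On the flat network every IT asset is reachable from every undefended OT device, even the ERP application that has no direct link to OT at all. Controlling only the protocol-converter link still leaves the battery-powered sensor as a path into the historian, the HMI and the ERP system; both OT links have to be segmented before the exposure list is empty. A real inventory would be larger and the pivot rule more nuanced, but the two-step structure (enumerate what cannot defend itself, then walk the whole graph) is the part that matters.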
If your company is ready to start threat modeling your entire digital ecosystem, we invite you to check out ThreatModeler. ThreatModeler is a modern threat modeling platform which automates almost every aspect of threat modeling, for systems on-premises, in the cloud and everything in between.