Good more balanced view of the recent SCADA threat in infrastructure. Remote access is a classic potential security weakness. Have myself been involved in the need to monitor and control industrial systems remotely The failure was not including several elements in the remote connection. Fix that now, early warnings are good. Good points made here:
Increased uptime? Check. Better access to outside expertise? Check. Improved first-time-fix rate? Check. in Tripwire
These are just some of the benefits of industrial remote access. Yet many customers are reluctant to embrace remote access. Not only that, but incidents such as the breach at the Oldsmar water utility might increase organizations’ reluctance to use remote access.
Using Oldsmar as an Example
The benefits of remote access should not be in dispute. So rather than making remote access the scapegoat, let’s consider the incident at Oldsmar water utility briefly.
It has been established that the nefarious actor was able to access the SCADA system via TeamViewer. The details of how they were able to gain access via TeamViewer is still unknown.
So, based on this information, TeamViewer is the villain, correct?
The answer is not binary. TeamViewer serves a legitimate purpose if used correctly. In this instance, to understand if TeamViewer was the right tool, let’s consider the application more closely.
As a water authority, the Oldsmar plant’s main KPI is to keep the plant operational 24/7 because we all want safe and clean drinking water when we start the tap! This means minimal downtime, timely notifications of any alarms and the ability to diagnose faults promptly. Remote access is an essential tool to achieve this objective. The remote user does not need access to the utility’s IT network to keep the plant operational. And, this is the key – IT and OT’s remote access needs are different .... "
No comments:
Post a Comment