Protecting industrial networks and connected equipment in the face of rampant cybercrime

During the confinement, cyber criminals took advantage of the opportunity to expand their activities.

They have never been more comfortable than during that period when telework had become the professional standard for many companies. They targeted all the institutions and structures they could. We are talking about health and medical organizations, international and governmental organizations, industrial companies, etc.

This was explained by the fact that a large part of the internet activities experienced a boom not due. Not to mention the near connection of private and public structures to the Internet. According to an analysis by checkpoint, the U.S. company specializing in the provision of computer security solutions, 92% of industrial companies, 63% of companies in all and 82% of healthcare organizations use or have used connected equipment. Together all companies are exposed to cybercrime in this kind of context. Because on closer inspection, almost all the tools are connected to the Internet directly or indirectly, because we will necessarily have:

– IP cameras,

– smart elevators,

– patient monitors,

– MRI machines and

– industrial control systems.

While this makes the activities of the majority of the company's actions easier, all connected devices are likely to make it even easier for many cyberattack opportunities. To illustrate our point, cybersecurity firm Checkpoint reported that 82% of health organizations and 67% of businesses have experienced security incidents affecting their connected devices at least once.

Unfortunately, connecting these devices to your computer network expands the attack surface and adds entry points that hackers can target. The risk is real as 67% of businesses and 82% of health care organizations have experienced security incidents related to connected equipment.

With all concerns, consideration should be given to the so-called critical infrastructure and the potential impact of cyber attacks against these structures. In this regard, Olivier Kauf of Checkpoint points out: "Critical infrastructure includes the water we drink, the electricity that feeds our homes and the transport of cargo around the world by sea, land and air. They direct emergency services and ensure that our traffic goes smoothly. They automate the manufacture of the products we use on a daily basis and supply our industry with oil, gas and renewable energy. They even control building management systems in hospitals, data centers and offices.

As you can see, an attack on critical infrastructure can affect almost everyone. (…) The security risk is greatly magnified. (…) Cyber attacks on critical infrastructure have increased by 2,000 per cent in 2019, often disrupting critical activities. Telework, made mandatory by coronavirus, has increased the risk to safety. There is currently a shortage of workers in critical infrastructure and, due to sick leave and quarantine measures, more employees are working remotely with fewer security controls on their personal networks than on the networks in their workplaces. ».

With the proliferation of remote services, especially during the fight against coronavirus, the remote contact of an employee and the network of his company, has opened more borders than he should. As experts say, the attack surface has widened. For example, if the terminal, where any other storage or connection devices used by an employee who works from home is infected, this exposes companies especially when returning to the office "because hackers can use that employee's privileges to move sideways, and move from the computer network to the industrial network and factory control systems. Once control systems are reached, hackers can supervise and manipulate operational components, such as by reading commands or modifying them to disrupt operations. said checkpoint's expert. "The attack surface of control systems and the frequency of attacks are increasing, with 61% of incidents disrupting companies' industrial networks and affecting production processes. Securing today's critical infrastructure against cyberattacks is more difficult than ever for several reasons. he is concerned.