Skip to content

What Industrial Control Systems Can Do Today To Prevent Being Hacked Tomorrow

Industrial control systems in transportation, manufacturing, energy, and more have been prime targets for hackers for many years. As hacking groups continue to attempt to breach these networks, the number of cyberattacks is on the rise. Moreover, the fact that traditional industries often run on outdated operating systems isn’t doing much to help decrease their vulnerability to hackers.

Naturally, hackers know all of this and the impact of the damage they can cause to such mammoth systems. From compromised sensitive data and critical systems, to complete network shutdowns due to ransomware attacks, hacker attacks on industrial systems can sometimes even lead to physical harm. An example of this might be changing sodium levels in water supply, the results of which would be far reaching and potentially, disastrous.

16.7% of attacks on

industrial control centers

are via the Internet

*Source: Kaspersky Lab’s Threat Landscape for Industrial Automation Systems 

Critical Infrastructure Access Challenges

Critical infrastructure industries, such as energy and transportation, are highly dependent on different systems located in their OT and IT networks for day-to-day organizational operations.

While many of the OT systems use legacy and proprietary protocols, many systems have migrated to standard TCP-based protocols. This has enabled IT teams to provide easier remote/cross-network access to OT-based systems often carried out using solutions such as VPNs or remote desktop services.

However, IT/OT personnel face many challenges when trying to provide remote access. Among them:

  1. Controlling access between different network segments, such as IT to OT, while preventing lateral movement.
  2. Controlling and securing remote access to IT and OT located systems for external users, while supporting different types of users accessing a variety of systems (new and legacy), using different remote access tools (such as VPN). In addition, access must only be granted after trust is established, and networks are hidden from unauthenticated users.
  3. Controlling and securing access to IT and OT located systems for internal users, while segmenting the users from the systems and applications, and ensuring access is only be granted after trust is established, and services are hidden from unauthenticated users. In addition, the need to add MFA to applications which do not support MFA is a big challenge.

 Changing the way secure access is granted

Safe-T’s ZoneZero® offers critical infrastructure organizations a solution that changes the way secure access is granted from the get-go.  Acting as a perimeter access orchestration platform that provides central management of all secure access technologies, ZoneZero® helps organizations to achieve zero-trust network access (ZTNA).

The first-ever perimeter access orchestration solution, ZoneZero® incorporates four key factors:

  1. ZoneZero SDP architecture – A clientless ZTNA solution for non-VPN users
  2. ZoneZero VPN architecture – A ZTNA solution for VPN users, achieved by integrating with all VPN solutions

It also allows critical infrastructure organizations to support:

  • All user types – people (managed or unmanaged), applications, APIs, and connected devices
  • All user locations – external or internal
  • All application types – modern and legacy
  • All application locations – cloud or on-premises

Secure, transparent, controlled access for everyone and everything

ZoneZero® offers secure and transparent and controlled access for all types of entities – people, applications, and connected devices – to any internal application, and service, such as TCP based application, legacy applications HTTP/S, SFTP, SSH, APIs, RDP, and SMB.

Implementing Safe-T’s patented reverse-access (outbound) technology designed to eliminate the need to open incoming ports in the critical infrastructure industries organization’s firewall, ZoneZero® allows critical infrastructure organizations to logically segment their networks, preventing lateral movement between IT and OT networks.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Safe-T® Group Ltd.
Safe-T Group Ltd. (Nasdaq, TASE: SFET) is a provider of Zero Trust Access solutions which mitigate attacks on enterprises’ business-critical services and sensitive data, while ensuring uninterrupted business continuity. Safe-T’s cloud and on-premises solutions ensure that an organization’s access use cases, whether into the organization or from the organization out to the internet, are secured according to the “validate first, access later” philosophy of Zero Trust. This means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network or in the cloud.

Safe-T’s wide range of access solutions reduce organizations’ attack surface and improve their ability to defend against modern cyberthreats. As an additional layer of security, our integrated business-grade global proxy solution cloud service enables smooth and efficient traffic flow, interruption-free service, unlimited concurrent connections, instant scaling and simple integration with our services.

With Safe-T’s patented reverse-access technology and proprietary routing technology, organizations of all size and type can secure their data, services and networks against internal and external threats.