Here’s What Television Can Teach You About IT/OT Convergence
As our world becomes more and more interconnected, automation professionals are realizing that cybersecurity is critical to the survival of our companies. The International Society of Automation (ISA) launched the ISA Global Cybersecurity Alliance last year to help fight to keep bad actors out of our systems, but many companies still struggle with a simple issue: which department should handle cybersecurity?
Should it be your IT team, who can monitor potential cyber threats coming in through your general internet access points?
Or should it be your OT team, who already routinely checks for threats to your physical devices?
We, along with the most recent data on industrial cyber threats, say this is the wrong attitude. Cybersecurity shouldn’t be left to one team or another. It should be a partnership.
If your IT team and your OT team don’t talk to each other on a regular basis, then you’re not only leaving yourself open to threats, you’re basically inviting them in.
Before we begin, if you need a refresher on the difference between IT and OT, Coolfire has a great breakdown over on their page.
The Danger of Working in Silos
Here’s the most obvious reason that you simply can’t have IT teams and OT teams working separately: the world is getting smaller, and your company has more access points than ever before. Industry 4.0 is here, and even with the remarkable opportunities it brings, our new interconnected devices also carry inherent threats.
Want another reason to bring IT and OT together? Hackers and other bad actors aren’t selective about the systems they attack to accomplish their goals, whatever those goals may be.
You can find plenty of examples of IT and OT systems being compromised by the same attack. Believe it or not, one relevant case study comes from the popular TV show “Mr. Robot.” (By the way, if you work with cybersecurity in any capacity, this show is worth checking out! Most of the cyberattacks it portrays that have also been tested in the real world are extremely realistic.)
In the first season, the main character, a hacker played by Rami Malek, attacks a SCADA system in a prison to open the cell doors. As the storyline goes, he believed the jail had a programmable logic controller (PLC) system operating the doors, so by gaining access to that piece, he had access to everything.
How did he get in there in the first place? This character had an accomplice drop flash drives infected with malware around the grounds of the jail. When a curious police officer plugged the drive into his laptop, the hacker gained full access to the prison’s network, including their SCADA system. It’s the perfect example of an IT exploit leading to an OT exploit.
Think that we’re just having a little fun with a TV show plot?
Think again. According to a study by three prominent cybersecurity consultants, an event like this could easily happen in the real world.
Step by step, the entire fictional IT/OT attack on the prison was tested by actual cybersecurity experts from start to finish. They found it to be entirely, absolutely, 100% possible.
We’d also like to remind you of the Stuxnet attack in Iran back in 2010. More than 15 nuclear facilities were infected thanks to one inattentive worker’s USB drive. Not only is this scenario possible, it’s already happened.
Is This Really a Big Deal?
You might wonder, who would even bother hacking an OT system? How many people even know what SCADA is, let alone how to hack it?
You might be surprised. While SCADA/ICS hacks aren’t as popular as some IT exploits, it’s easy to find everything you’d need to know. In fact, in researching this article, I came across step-by-step tutorials on how to find vulnerable systems, use Splunk to monitor them for security responses, and build and test a SCADA honeypot. I found default passwords for nearly all popular brand name systems and much more.
How did I find this? Google.
It didn’t take any unique skills at hacking on my part. I simply Googled “hacking SCADA” and came up with more than two million hits. Out of those results, it took less than five minutes to find a complete tutorial on how to hack nearly every part of many well-regarded Industrial Automation Control Systems (IACS).
Obscurity will not save your IACS from being attacked. In fact, it could make it more vulnerable. Your employees won’t necessarily think of these systems as targets, which can lead to lax security. As with the real-life Stuxnet and fictional Mr. Robot examples, once a hacker gains access to any part of your network, everything is compromised.
Of course, cyberattacks against IT infrastructure are also on the rise. From ransomware to employee theft of files, the risk of IT cyber threats is more widely understood. All we need to do is simply turn on the news.
The bottom line is, staying a few steps ahead of cybercriminals is crucial. Hackers can spread malware from your OT to your IT systems and vice versa. You need both skill sets to keep them out.
Breaking Down the Wall Between IT and OT
Both teams have skills that complement each other, and both teams are going to be vigilant in looking out for different symptoms of possible attacks. Think of IT and OT skill sets as different parts of a single machine. To keep the machine functioning smoothly, all parts need to work together. Any perceived competition or “bad blood” between IT and OT needs to be eliminated as soon as possible to ensure that our workplaces, homes, and lives stay safe from cybercriminals.
You’ll often see “IT/OT convergence” cited as a critical aspect of industrial cybersecurity. The word “convergence” simply isn’t strong enough to convey the high level of interoperability we need to keep our systems safe online. We need complete integration, communication, and cooperation between IT and OT teams, and we need it yesterday.
Many organizations are now struggling to attain those goals. It’s an important fight. The hackers are gaining ground, though, and we all need to step it up.