SolarWinds is the tip of the iceberg
The recent SolarWinds software supply chain breach is a clear indication that strong OT cybersecurity is a must-have in today’s threat environment.
Waterfall’s technologies have long enabled integration between OT networks and enterprise networks without the risk of any attack getting back into the protected network. The time has come to deploy this class of hardware-enforced protection universally on OT networks.
The SolarWinds breach shows only that the cyber threat environment continues to worsen. The SUNBURST and SUPERNOVA malware strains that were inserted into SolarWinds Orion software updates are only the most recent examples of software supply chain attacks. Previous attacks include NotPetya and Havex. Both of these were malware inserted into legitimate software updates on legitimate vendor websites, and both impacted many industrial enterprises.
The attack techniques and technology demonstrated in the SolarWinds breach are only the latest to breach IT and OT networks that use only software defenses. There is only so much that firewalls, anti-virus systems, intrusion detection systems and the like can do for us. Our enemies have long since figured this out and are defeating software defenses more routinely with every passing week. Today’s ransomware groups, for example, use powerful tools and techniques that were used exclusively by nation states only a couple of years ago.
Furthermore, SolarWinds Orion is only one of many widely used applications that, if compromised, can be used to manipulate and impair large swaths of industrial infrastructures. Ransomware groups and other adversaries will not be long in mounting their own software supply chain attacks. They have many vendor targets to choose from.
Again, the time has come for hardware-enforced protection for industrial & OT networks. Power plants, pipelines, rail systems, our manufacturing plants and many others are too important to leave to software alone.