Features Overview:
SCADAfence OT Remote Access Security is the only solution that provides full visibility into remote access connections and allows security teams to track and detect user activities that are out of that user’s profile or are malicious in nature.
The Challenge:
Recently, most of the global workforce has transitioned to working remotely. While every organization has invested a lot into remote work and have fully digitalized their workforce, not a whole lot was invested in security controls around the connections themselves. Working remotely means opening networks up to exponentially more external access – networks which were previously never opened to such access, or had very limited remote access to them.
In an Instant, the Exposure of OT Networks has Increased Dramatically:
Increased Exposure: The number of external connections, in addition to the fact that workstations used in remote access are also connected to the internet and can be compromised. This can give attackers access to critical assets – such as this cyber-attack that we discovered on a remote server.
Hard Perimeter, Soft Belly Architecture: Once remote users log in, they can often access a wide range of critical hosts, without further access control.
Lack of Correlation Between Remote Users & Process Manipulation: After initial authentication at the gateway, there is no way to associate OT sessions with the logged-in users. This lack of association and attribution increases the risk to the OT network.
Increased Complexity: People accessing from home means more remote locations and end-devices. This adds complexity and thus further increases exposure. These remote access connections are now a low hanging fruit for attackers, who leverage them for different purposes and can lead to the world’s largest cyber attack.
Here’s a video that shows how security teams can gain visibility into remote access connections