Category Archives for "Cybersecurity"

May 8, 2022

Software Update: Windows DCOM Changes

At A Glance 

  • Distributed Component Object Model Remote Protocol (DCOM) is used for communication between applications running in a Windows environment 
  • Microsoft released a Windows update to harden DCOM
  • This update poses risks to ICS applications dependent on DCOM

In June 2021, in response to a security vulnerability, Microsoft released a Windows update (KB KB5004442) to harden the DCOM component of Windows. Organizations should be aware that many industrial control system applications utilize DCOM protocols. This update can impact the ability of networked devices to communicate, resulting in effects such as the inability to use HMI or SCADA software, or loss of historical tag data. 

Some impacted applications include: RSLogix 5/500/5000, RSLinx Classic, FactoryTalk applications, ThinManager, and KEPServer Enterprise.

Champion recommends that organizations review their installed software for use of DCOM and the potential impact of this update. Most ICS software vendors have published information on their affected software as well as possible mitigations for any impacts from applying these updates. For actively maintained software, vendors are working to deliver patches for their software to work with the update. Until these patches are available, it will be necessary to either postpone installation of the Windows updates or apply mitigations to disable the new DCOM hardening features. Be aware, however, that if the Windows updates are installed, it will not be possible to disable the DCOM hardening features after March 14, 2023. 

We’re Here to Help  

Champion can work with you to help you decide which Windows updates are appropriate to install and deliver those updates to your critical ICS systems. Champion can also provide recommendations on working with software that may no longer be supported by the vendor or assist you with planning upgrade paths. Finally, when things do break, Champion can assist with recovery. We will continue to monitor the situation and be prepared to keep our clients informed.

Wondering if your applications are vulnerable?

Contact our OT Solutions Group at otsolutions@champtechnology.com. 

 

Additional information on these changes can be found here: Microsoft.com Support, Microsoft.com MSRC

December 15, 2021

Apache Log4j Vulnerability Quick Guide

What is the Apache Log4j Logging Service Vulnerability?

Apache Log4j is one of the most popular web server logging utilities used in thousands of software applications. The Apache Log4j logging service (v 2.14.1 and below) vulnerability can allow malicious users to remotely execute code which can compromise the integrity of the system. 

Why is this considered a severe threat?

Any software with a web-based client or configuration component may be affected if it uses the Apache Log4j library. Some of these valuable assets can include Virtualization Hypervisor servers, accounting software packages, and software that runs on firewalls protecting your environments.

What can you do RIGHT NOW to address the vulnerability?

  1. Reach out to your software vendors to see if they have vulnerability updates or workarounds.
  2. Many firewall software and End Point protection platforms have built-in update tools. Make sure your firewalls and End Point protections are up to date and patched.
  3. Check in with your software vendor to make sure all patches are up to date.

What to do in case your systems are affected?

If any active machines at your facility have vulnerable software with no readily-available fix, we recommend turning the off the machine(s) until a fix has been found. This is recommended for non-business critical assets only.

What is Champion doing?

Champion is reaching out to our OT software partners and vendors to compile a list of known affected products, along with remediation strategies. We can also assist in verifying that your OT environments are safe. 


                    

                        Review the list

More information on this vulnerability can be found at these sites:

Statement from CISA Director Easterly on “Log4j” Vulnerability | CISA

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228

January 6, 2021

Champion Celebrates 20 Years

Celebrating 20 Years

FOR IMMEDIATE RELEASE

Champion Technology Services, Inc. is celebrating an incredible milestone:  20 years in business.

What started out as a two-person endeavor in late 2000, steadily matured into a team of 125 people across the country in 2020. Champion has achieved amazing milestones – growing one office into nine, being part of the LSU Top 100, being named Control Engineering’s Systems Integrator Giant, and achieving steady growth year-over-year.

None of this would have been possible without our dedicated team, continual process improvement, and of course – our clients.  We are thankful and humbled by our clients’ unwavering dedication!

Through the years, Champion has made strategic adjustments to generate a culture that inspires and empowers talented individuals to make the world a better place through technology.  By always staying at the forefront of technology and investing in our team’s professional growth, our clients realize the benefits in their day to day operations.

Whether implementing a control system upgrade, designing a new installation, assessing cybersecurity gaps, improving a facility’s safety systems, or enabling secure remote access for a full suite of OT Managed Services – our commitment to excellence remains steadfast.

At Champion, we believe the success of our clients is a direct reflection of our own efforts and successes.  That’s why we will continue to provide the best solutions available at any given time.  Independent of any equipment manufacturer or technology platform, our experts partner with you to evaluate needs, make recommendations, and execute the rollout that brings the most value to your facility.

From all of us at Champion, we thank you for trusting in our team to provide the solutions and systems that best achieve your goals.  We look forward to the next 20 years, as we continue to grow together.

Want to learn more about Champion? Contact us!

Champion Technology Services, Inc. is an industrial control systems integrator that provides OT services across the United States and abroad. Our team includes ISA/IEC 62443 Cybersecurity Experts and GICSP (Global Industrial Cyber Security Professional)-certified professionals in the latest NIST standards. We help small, medium, and large companies assess their existing control systems and implement protocols that meet their facility’s requirements while maintaining our status as an unbiased third-party solution provider.

June 29, 2020

Is Remote Access to Your Control System Safe?

Anytime a new conduit to an ICS network is created – especially one which transits the internet – there is inevitable trepidation about the potential security risks it might create. So, when we talk about creating a tunnel from your network into the cloud, you’re going to have mental alarms going off. This article will describe how Champion keeps your network secure while providing unprecedented levels of service and support.

The Cloud Zone

A security zone is created in the cloud specifically for you. Here, it serves as an extension of the Demilitarized Zone (DMZ) of your control system. The same security concepts that apply to your DMZ apply here as well.

There are only two paths in and out of your cloud zone:

  1. The Tunnel, as defined below, to your on-premises DMZ.
  2. Dedicated secure route to our portal servers to enable the features provided by our managed service offering.

These paths are restricted by routing and firewall rules to pass only the authorized data.

No windows administrative connections (RDP, WMI, RPC, and other evil acronyms) can be made from outside the DMZ and cloud zones. All administrative activity happens within the cloud zone via hosted desktop sessions. These sessions are delivered using virtual desktop presentation technologies so that only the video stream leaves, and only keyboard and mouse commands enter. No proprietary data or external threats can be transferred via either cloud path.

The Tunnel

In order to connect your site to the cloud, a tunnel must be created. This tunnel is built using the best available VPN protocols . Like most tunnels, its job is to keep the good things in and the bad things out.

This includes:

  • Ensuring that only your DMZ can connect to the cloud zone and only the cloud zone can connect to your DMZ.
  • Encrypting the data so that it cannot be monitored by outside forces.
  • Ensuring the data stays intact from one end to the other.

The Eyes

It’s often stated that if you can’t see it, you can’t secure it. To ensure your network stays safe, it’s vital to have eyes on the traffic that’s going through it. Like a building with door sensors, motion detectors, smoke detectors, security cameras, and a remote monitoring service… Champion can be your partner in notifying you in real-time of any abnormal activity.

  • Intrusion Detection Systems (IDS) designed with OT networks in mind are deployed for your network. These are strictly passive systems that merely sound the alarm if a potential compromise is detected.
  • IDS sensors are installed in strategic locations to passively monitor as much of the traffic on your network as possible.
  • Firewalls guard all the border crossings of your network. Anyone without the right credentials cannot get through.
  • End devices are protected with antivirus software. This blocks malware which makes it to a computer and sends out alerts.
  • A Security Information and Event Management (SIEM) server collects real-time data from all these safeguards and more and presents them to Champion’s monitoring team.
  • Should an event occur, we’ll notify you immediately. If you authorize it, we can also take action to mitigate any threat per your Incident Response Plan.

The Result

While opening a tunnel between your network and the cloud might sound scary, using the proper technology and partner allows your network and OT assets to be safer than ever. Not only will you be better protected from security threats, but now we can even alert you to process issues before they become big problems.

Remote support engineers can respond even quicker and without introducing you to unnecessary risks like VPN connections from untrusted computers, unmonitored persistent virtual desktop access, or cellular modems.

Want to learn more? 
Contact us with questions, or to receive a free consultation!

Champion Technology Services, Inc. is an industrial control systems integrator that provides OT services across the United States and abroad. Our team includes ISA/IEC 62443 Cybersecurity Experts and GICSP (Global Industrial Cyber Security Professional)-certified professionals in the latest NIST standards. We help small, medium, and large companies assess their existing control systems and implement protocols that meet their facility’s requirements while maintaining our status as an unbiased third-party solution provider.

June 29, 2020

The Top 5 Differences Between IT and OT

While everyone is familiar with the term “IT” (Information Technology), the term “OT” (Operational Technology) is far less familiar to the general public.  That is not to say OT is newly emerging; quite the opposite.  Over the last two decades, IT and OT have begun to converge.  You’ve likely heard terms like “IIoT” (Industrial Internet of Things) or “Industry 4.0.”  But there are unique differences that set OT apart from IT:

  • Production: 
    While IT is extremely important at the corporate (or “Enterprise”) level, OT is the livelihood of any facility.  The mission of any OT system is to achieve the greatest production output with the least amount of downtime possible.
  • Safety: 
    IT and OT must both be vigilant in mitigating security risks.  However, IT’s risks generally lend themselves to trade secrets and corporate accountability.  OT’s risks can be much more tangible:  Unsafe operating conditions or monitoring can result in health and safety issues such as fatalities or environmental catastrophes.
  • Skillset: 
    IT and OT have overlapping skillsets with technological approaches, but OT requires much more specialized experience with respect to the OT systems.  From understanding an industry’s production process, to the integration of many diverse L0/L1 devices and systems into one cohesive and intuitive platform, to the safety and alarm management of the process.
  • Cost of Ownership: 
    The lifecycle on IT and OT systems are vastly different.  Whereas IT’s typical lifetime on equipment is about 12-18 months, OT is generally more robust and operate longer – often lasting 10-15 years.  Therefore planning for Total Cost of Ownership (TCO) takes not just different expertise but also a different approach and methodology to achieve a comprehensive cost.
  • Compliance: 
    Whether for the safety of workers, surrounding communities, or the environment, compliance standards are often far more stringent on OT systems.  Federal and state agencies regularly monitor and regulate industrial processes due to their inherent ability to impact the community at large.

Production

Since production is the livelihood of any industrial facility, so too are the operational systems that keep them moving.  Loss of production for any reason has a direct impact on a company’s bottom-line.  Whether due to an outdated, unreliable platform, poor configuration, unprepared support staff, or insecure technology allowing for system breaches – many factors can affect production.  Be sure to utilize an OT specialist with the experience to reach your maximum production output.

Safety

Securing proprietary information is a major concern with any corporate IT network.  But cybersecurity is equally (if not more) important for a facility’s Industrial Control Systems.  In past years, many have taken the “air gap” approach to securing their OT control systems – keeping any production equipment separated from Internet-connected Enterprise equipment.  In theory – and in a time before flash drives and smartphones – this was enough to mitigate operational risks.  But, as consumer technologies emerged, so too did many large-scale security breaches affecting Industrial Control Systems. 

Air gapped systems that were not physically connected to the Internet would run on outdated security patches because they were seemingly “secure.”  With the advent of devices like flash drives and smartphones, however, control systems around the globe became vulnerable.  Cyber-attacks could now halt production, disable critical safety systems, or result in catastrophic loss simply by altering production readings.

Having a team of Globally Certified Cybersecurity Experts at your fingertips is now vital for any industrial environment.

Skillset

While the fundamental principles of IT networks are shared with OT networks, Industrial Control Systems require a much more specialized set of skills to implement and maintain.  For starters, the very environment of each are vastly different.  IT networks are often climate-controlled in office environments, whereas OT networks can be exposed to extreme elements and process environments.

More importantly, what sets OT professionals apart is their knowledge of how to implement specific industry processes, using a range of industrial controls across multiple platforms.  Lastly, they must use this knowledge to make everything communicate in an efficient, reliable, and intuitive manner.

With vast experience across numerous industries, platforms and technologies, Champion’s OT professionals deliver on this expertise.

Cost of Ownership

The natural lifecycle of IT versus OT lends itself to completely different budget approaches.  While IT environments typically change every 12-18 months, OT environments can last 10-15 years or more – if they are properly designed and maintained.

The key to enabling Industrial Control Systems for the extended durations is proper maintenance and support.  In addition to cybersecurity risk mitigation, including budgetary funds for preventive maintenance and support is essential in any OT environment.  As a system ages, it is key to provide regular security patches, scheduled backups, and a supply of spare parts to achieve the greatest production output.

Champion’s knowledge of these items, paired with our 24UP Support Solutions, allow customers to tailor specific needs into one easily-predictable budgetary plan.

Compliance

Another unique difference between IT and OT is the types of compliance each must meet.  Industrial Control processes are typically subject to far more scrutiny due to their ability to impact more than a corporate entity; if improperly maintained, a process can harm employees, communities, or the environment.  For this reason, it is imperative that OT systems function correctly and reliably.

OT networks continuously monitor process stages, operating temperatures and pressures, environmental emissions, leaks, or any other number of factors associated with the facility.  Having reliable systems in place not only raise overall safety.  They allow companies to provide real-time or historic reporting to compliance agencies, such as the EPA, DEQ, FDA, or OSHA.

Champion engineers and professionals hold the experience necessary to implement the reliable OT systems our customers demand.

Want to learn more? 
Contact us with questions, or to receive a free consultation!

Champion Technology Services, Inc. is an industrial control systems integrator that provides OT services across the United States and abroad. Our team includes ISA/IEC 62443 Cybersecurity Experts and GICSP (Global Industrial Cyber Security Professional)-certified professionals in the latest NIST standards. We help small, medium, and large companies assess their existing control systems and implement protocols that meet their facility’s requirements while maintaining our status as an unbiased third-party solution provider.

June 29, 2020

3 Reasons an “Air Gap” is Not Good Enough

Is an Air-Gap “Good Enough” to keep your Industrial Control System secure?  Short answer:  No.

And here’s why…

“Security by isolation” or air-gapping previously worked in Operational Technology (OT) environments when OT and IT were completely isolated from one another. Many older systems based on PLC’s and SCADA were built without cybersecurity in mind. OT and IT are now converging as organizations embrace the digital transformation, and security experts are now declaring the air gap dead as security by isolation is not a long-term solution for protecting OT assets.

Air Gapping an OT system has very limited value in today’s constant technological advances. It can no longer be used as a sole security solution in the long term for three reasons:

  • It causes organizations to miss out on valuable data.
  • It is more costly and difficult for maintenance and repairs.
  • It is more prone to security breaches than a “connected” OT system.

Missing out on Data

While air-gapped OT systems can minimize risks, organizations are not able to benefit from the highly valuable data these systems generate. Data analyzed in real time can provide business intelligence to cut costs, reduce downtime, and improve efficiency. These opportunity costs outweigh air-gapping as a viable cyber security measure.

Higher Maintenance Costs

Maintaining air-gapped OT systems are more expensive and difficult because the engineering tools of a connected system cannot be used to perform routine maintenance or troubleshoot problems.  It also limits the system from secure remote support by technical experts. Without remote access, facilities experience higher support costs and increased downtime. The reality is that even a properly air-gapped system is not completely protected; Every system is a potential breach target, and even air-gapped systems can be infiltrated. Organizations must engage in active monitoring and security measures to mitigate the risks.

Reduced Security

Air Gaps can be physically breached by a third-party networked laptop, USB drive, removable media, smartphone, or other devices. Allowing OT systems to connect with these devices creates vulnerabilities that air gapping cannot protect against. Air gapping makes it difficult for users to move back and forth between the air-gapped device and network-connected devices. For ease of use, an individual may use an unsecure USB drive to transfer data which could compromise an air-gapped system.

OT infrastructure is only as secure as the user operating the devices. An openly accessible USB port can serve as an entry route for malware. Smartphones provide another convenient route to cross air gaps when switched to Wi-Fi hotspot mode. The Wi-Fi hotspots can also be used as an entry point by hackers or those with ill intentions.  

FUN FACT: 
90+% of randomly found USB drives are picked up by the casual person and more than half are plugged into a PC.

 Source: Kapersky

Why your OT control systems can’t afford cybersecurity shortcuts:

OT cyber-attacks are more dangerous in nature. An OT attack can pose risks to operational and safety systems, employees, plant, and environment. Because the outcome of an OT cyber-attack is more catastrophic, it is essential that organizations prioritize cybersecurity. While air gapping provides some security, it is not the best option to select in the competitive marketplace.

Air gapped control systems are also more vulnerable because they don’t receive the latest Windows security patches easily, therefore are usually neglected. As new virus threats emerge, the OT system will likely be unprotected, unlike its Enterprise counterpart.

We must accept the fact that air gapping as a security control is no longer a valid option.  IT and OT will continue to converge leaving air gapping to be useless. Facilities should take advantage of the opportunities from integrated technologies to reduce costs and downtime while improving efficiency. While doing so, they must prioritize OT security to lessen the risk and still capitalize on the advantages of a connected IT and OT world.

Want to learn more? 
Contact us with questions, or to receive a free consultation!

February 10, 2020

The Top 3 Benefits of a Third-Party Cybersecurity Assessment

Most companies are not compliant with mandatory industry or governmental guidance and regulations relating to their cybersecurity practices. In fact, only 23% of companies who participated in a 2018 Kaspersky study report that they meet the standards. [1]

Even further, 56% of companies say they will increase their cybersecurity budgets in the next year due to potential incidents and risks associated with their current infrastructure and policies. [1]

One of the first investments your organization can make is to perform a Cyber Criticality Assessment. A Cyber Criticality Assessment is a process that allows organizations to identify general threats, determine the worst-case impact, whether it’s Financial, Safety, Health, Environmental, or otherwise, of devices/software becoming unavailable, unreliable, or compromised. The assessment process includes a survey, a vulnerability assessment, and a risk assessment to allow your organization to determine the severity of the consequences should a device or network not perform as intended.

While teams in your organization could perform a cybersecurity assessment internally, there are key benefits from inviting professionally certified expert third party to perform this task for you.

1. Unbiased approach to your system.

Third-Party Assessment teams, who do not represent any hardware or software manufactures, take an unbiased approach to your system. While internal teams may have critical knowledge of your control system and may have even designed it, third-party assessors can see the high-level view of your control system as well as the minute parts of it. They will see gaps in a system that internal teams can miss.

This is doubly important when it comes to Operational Technology (OT) and Industrial Control Systems (ICS) because all control system manufacturers have their own products and solutions for implementation. An unbiased third-party assessment team, especially one with a deep understanding of OT systems can connect manufacturer solutions with industry best-practices for solutions that fit your requirements.

2. Cybersecurity experts with the necessary background are difficult, if not impossible, to find.

The cybersecurity industry is expanding and growing at an astounding rate, and the demand for qualified and experienced professionals is fierce. Even when they can’t find qualified professionals to hire, many companies are still hesitant to hire outside help. According to a Kaspersky study released in 2018, 92% of companies who participated in the Kaspersky study prefer to maintain in-house OT and ICS cybersecurity personnel [1]. At the same time, 58% percent of companies find it difficult to find and hire employees with the necessary skills to address their organization’s OT/ICS cybersecurity challenges [1].

  • Is your company in a position to contribute resources to compete in the cybersecurity hiring market?
  • Is your company willing to be responsible for the cost of ongoing training, specialization, and other costs that come with hiring full-time personnel?
  • Does your company have the time and capacity to invest in a ground-up OT/ICS cybersecurity program from within?

If not, you might consider working with a third-party OT/ICS cybersecurity team who has the expertise and to do the bulk of the work for you.

3. IT vs. OT – It’s not a competition, it’s a complementary approach.

Cooperation and collaboration between OT and Information Technology (IT) is critical for your company’s complete, comprehensive cybersecurity investment. But does your IT team have OT knowledge and expertise?

A third-party assessment team with an OT/ICS background can connect manufacturer products and solutions with industry best-practices and methodologies that meet your requirements. They fill in the OT knowledge gaps that your IT team may lack. For example, assessors with OT backgrounds can provide insight on which control hardware your system uses that meet ISASecure® standards [2]. This is especially critical if your control system uses hardware and software from many different manufacturers.

A top-rated cybersecurity team with both IT and OT backgrounds can help to ensure that your cybersecurity assessment includes all aspects of your control system and business networks while working with your already-established IT team.

If you’re interested in learning more about Cybersecurity System Assessments for your system and establishing a strong foundation for your company’s cybersecurity policies and procedures, click here to reach out to Champion’s team of cybersecurity experts.

Contact an expert today!

Champion Technology Services, Inc. is an industrial control systems integrator that provides cybersecurity services across the United States and abroad. Our team includes ISA/IEC 62443 Cybersecurity Experts and GICSP (Global Industrial Cyber Security Professional)-certified professionals. We help small, medium, and large companies assess their existing control systems and implement cybersecurity protocols that meet their facility’s requirements while maintaining our status as an unbiased third-party cybersecurity solution provider.

References:

[1] Kaspersky, “2018-Kaspersky-ICS-Whitepaper.pdf,” 2019. [Online]. Available: https://ics.kaspersky.com/media/2018-Kaspersky-ICS-Whitepaper.pdf 

[2] ISA, [Online]. Available: https://www.isasecure.org/en-US/Certification 

[3] Savoy Stewart, “firms-investment-on-cyber-security-by-industry,” [Online]. Available: https://www.savoystewart.co.uk/blog/firms-investment-on-cyber-security-by-industry 

January 27, 2020

Safe and Sound Delivery

Your control system is only as secure as your files.

Moving data is imperative to a successful business. Whether it’s from one area of your organization to another or to an outside party, transferring information and files is part of everyday work. But if that information is particularly sensitive or proprietary, certain precautions must be made to ensure it is protected from being compromised.

Types of data that should be securely transferred:

  • Proprietary Data – any data that must be kept private for confidential, competitive or other business reasons. This sensitive data can be your company’s internal knowledge base, plans, communications, recipes, processes, financials, or other intellectual property.
  • Customer Data – any information owned by your customers that you use to do work for them. This may include batch recipes, processes, report results, etc.

Understanding the threats

The same threats to the general business IT system can also infiltrate the Operational Technology (OT) system which is the backbone of the facility. Threats to information come in many forms and usually occur from lack of diligence or knowledge on how to properly move information from place to place.

The impact? Risk of exposure. All threats to your network have the potential of stealing information that is vital to your business. This includes theft of intellectual property, identity, and information; sabotage; and even extortion of information. These threats include viruses, worms, trojans, bots, spyware, malware, ransomware, scareware, social engineering, and media attacks.

  • Unintentional Disclosure of Information – malicious programs can cause your data to be shared or seen by parties for which it was not intended. Data can be skimmed, intercepted, and used as ransom.
  • Compromised File Integrity – the loss or inability to maintain file integrity. Any file that can be modified proposes a security risk. Files can be intercepted and modified with malicious macros. What may look like a normal file, transferred by email or an FTP site, may now be a threat.
  • At-risk Channels of Operation – the security of an entire operational technology (OT) network and control system, including all devices, is at risk. Compromised files and PCs (configuration files, OT network devices files, firewalls) can wreak havoc on the overall health and function of the control system and the operation of the facility.

Distributing proprietary information safely

With these risks in mind, what is the best way to share files? The following scenario provides a glimpse of best practices in the real world.

An operator at a chemical plant has pulled a report of emissions data. The report must be delivered to the operator’s supervisor and the state regulatory agency. This data is proprietary information to the company but required to report, by law.

How does the file get transferred to its proper recipients, internally and outside the company?

Internal Delivery

The data from the PLC is collected by the historian into a spreadsheet file which is used to generate the emissions report. All this occurs in the Operational Technology (OT) environment, not the business IT network. The operator can safely move the report from the OT network file server to the IT network server using Windows File Sharing with security and authentication enabled.

Any time data transits security zones (e.g., OT and IT), it must be subjected to security controls, including but not limited to, authentication, threat inspection, integrity validation, information sanitation, etc.

Once the file is on the IT network server, the report can be delivered internally per the company’s established protocol. This can be by email (if permitted) or by internal file server or an approved cloud service.

Why not just put the report on a jump drive from the OT device then load it onto the operator’s computer? Because this method yields a greater opportunity for risk. Jump drive use provides the opportunity to connect to less secure zones and unauthorized machines. This means that malware has more opportunities to be installed on this drive.

Additionally, by using Intrusion Detection Systems and Security Information and Event Management systems, it’s possible to record, correlate and alert based on activity on the network.

External Delivery

Once data leaves company-controlled servers, it enters malicious territory and becomes more vulnerable. Delivering files externally must be done in a way that ensures the information gets to its final point intact and without being exposed to the wrong parties.

Using a Managed File Transfer System will ensure end-to-end security and encryption for the data.

Managed File Transfer Advantages:

  • Secure from end-to-end (from sender to receiver).
  • Limits admission to only those meant to have access.
  • Interaction with a hosted file is logged and auditable – data is captured showing who and when the file was viewed, downloaded, changed, uploaded.
  • Helps facilitate large file transfers (little to no restriction on file sizes).
  • Users can request files to be sent to them from outside sources securely.

 

File sharing bad habits are dangerous, if not used correctly

These data transfer shortcuts are dangerous to your organization if not used properly.

TRANSFER METHODBEST PRACTICES
Email with attached fileLimit to non-sensitive information only. Emails can be forwarded without any control as to who sees it.
Jump drivesDrives should be scanned for threats before each usage by a dedicated machine.
Commercial cloud sharing sitesNever use a personal cloud site. Use ONLY those managed by your company and deemed safe.

Mitigating cyber threats

Champion has the expertise and knowledge base to help you build a secure file transfer system which align with industry best practices and guidelines. Here are a few ways Champion can help make your OT systems more secure.

  • Perform Cybersecurity Risk Assessment.
  • Install anti-virus software and keep it up to date.
  • Install firewalls to create security zones and establish a DMZ between OT and IT networks.
  • Deploy a SIEM (Security, Information and Event Manager) to capture instances of bad habits, jump drive use, and users to identify threats.
  • Establish an Industrial Intrusion Detection System to monitor access and traffic to and from ICS and alert to abnormal activity.
  • Train employees on security best practices.

If you’re interested in learning more about Cybersecurity System Assessments for your system and establishing a strong foundation for your company’s cybersecurity policies and procedures, click here to reach out to Champion’s team of cybersecurity experts.

Contact an expert today!

Champion Technology Services, Inc. is an industrial control systems integrator that provides cybersecurity services across the United States and abroad. Our team includes ISA/IEC 62443 Cybersecurity Experts and GICSP (Global Industrial Cyber Security Professional)-certified professionals. We help small, medium, and large companies assess their existing control systems and implement cybersecurity protocols that meet their facility’s requirements while maintaining our status as an unbiased third-party cybersecurity solution provider.

January 14, 2020

Microsoft Support for Windows 7 and Server 2008 Has Ended

What does this mean for industrial users?

Is your facility using Windows 7 or Windows Server 2008 for its industrial control systems?  If so, you should know that beginning January 14, 2020, Microsoft will no longer be providing security updates or support for these products.  This means your systems will become increasingly more vulnerable to security risks.

Can your operation afford the uncertainty of production downtime, proprietary information loss, or even a full system failure?  Stay current and migrate to Windows 10, and the latest release of Windows Server.  This will ensure you continue receiving the latest security patches necessary for maximum uptime. 

Not sure how to migrate?

Champion’s team of Engineers and Cybersecurity Experts have you covered with options that work best for your facility’s needs.  Trained in the latest ISA/IEC 62443 and NIST standards for industrial cybersecurity, our specialists have the certifications and real world application experience to recommend the best option for you.  We can provide you with system assessments, implementation recommendations based on industry best practices, maintain the integrity of your control system and lower the exposure to future threats.

To read more about Windows 7 and Windows Server end of support, visit Microsoft.com. 

To learn more about Champion’s Cybersecurity offerings – or to schedule a free initial consultation, visit ChampTechnology.com/cybersecurity.

Champion Technology Services, Inc. is an industrial control systems integrator that provides cybersecurity services across the United States and abroad. Our team includes ISA/IEC 62443 Cybersecurity Experts and GICSP (Global Industrial Cyber Security Professional)-certified professionals. We help small, medium, and large companies assess their existing control systems and implement cybersecurity protocols that meet their facility’s requirements while maintaining our status as an unbiased third-party cybersecurity solution provider.

October 8, 2019

Humans: A Weak Link in Network Security

Have you noticed in recent years, the topic of Cybersecurity has become increasingly popular?

A number of studies have found that untrained employees are the biggest threat to an organization’s network security.  A study[1] by ESI ThoughtLab found that 87% of executives are aware of this fact.  Consequently, companies of all industries and sizes are now putting more focus on preventing (or minimizing) attacks by investing in training for employees using Operational Technology (OT) systems including Industrial Control Systems.

The examples below[2] are common pitfalls when there are human-factor vulnerabilities:

  • Operators using OT workstations in the same manner as an IT device or home computer. For example: Uploading photos, plugging in smartphones, downloading games or potentially corrupt software, using unsecured USB drives, visiting unsecure websites, and more.
  • Operators accidentally click on a link in a phishing email from an operator station
  • Poor credential management: Allowing unrestricted access to system areas or functions that are not needed for an operator’s job role
  • Incident preparedness: No incident response program.  What if something did happen?  Is there a well prepared plan in place?
  • User’s credentials are not removed from system when leaving the company.

So, what if I’m not an expert?

That’s OK!  Even trained employees are human.  The good news is many weak links can be prevented by improving the security of your ICS network. 

Champion’s Certified Cybersecurity Experts are trained in the latest ISA/IEC 62443 and NIST standards for Industrial Cybersecurity.  This means you benefit from the most current, comprehensive safeguards for your operations.

Industrial Cybersecurity is an ongoing cycle of assessing vulnerabilities, implementing solutions, and maintaining secure operations without production downtime.

Champion can help you by providing Vulnerability & Risk Assessments of your current network, then offer System Hardening and Configuration to mitigate risks.  We can also help you in developing Cybersecurity Policies and Procedures, implementing best practices, and recovery steps for incident response in the event of an attack.  We can even host a complete backup of your control system to get you up and running with little or no downtime, should a major disaster strike.

Lastly, as your Cybersecurity Experts, Champion can maintain a secure live Intrusion Detection & System Recovery Systems, Investigate Incidents, and provide a comprehensive incident response plan that fits your needs.

Want to learn more?  Contact an expert today!

Champion Technology Services, Inc. is an industrial control systems integrator that provides cybersecurity services across the United States and abroad. Our team includes ISA/IEC 62443 Cybersecurity Experts and GICSP (Global Industrial Cyber Security Professional)-certified professionals. We help small, medium, and large companies assess their existing control systems and implement cybersecurity protocols that meet their facility’s requirements while maintaining our status as an unbiased third-party cybersecurity solution provider.

References:

[1] Source:  https://www.controleng.com/articles/untrained-staff-is-the-biggest-cyber-risk-according-to-report/

[2] Source:  https://www.exida.com/Blog/cyberattacks-succeed-where-humans-and-systems-are-weak 

1 2
>