TrendMicro’s latest research suggested that unsecured and dated Windows operating systems are the weak link when it comes to cyber attacks on critical infrastructure systems. Edgard Capdevielle, CEO at Nozomi Networks commented below.
Edgard Capdevielle, CEO at Nozomi Networks:
“There is a number of opinions as to what poses the biggest risk to critical infrastructure – be it old Windows systems, unsecure and legacy industrial devices, targeted malware, operator error, etc. However, what isn’t debated is the damage that can be inflicted. As illustration, cyber criminals exploited existing Windows XP vulnerabilities and targeted aging infrastructure with the weaponised WannaCry malware, successfully compromising systems connected to devices running legacy Windows operating systems. Attackers will continue to employ innovative tactics so defenders equally need to be resourceful.
“Rather than focusing on where the cracks are, organisations need to ensure critical infrastructure resilience so that risks from wherever and in what ever format can be identified and remediated.
“While historically industrial control systems (ICS) that oversee operations within critical infrastructure were difficult to monitor, and therefore protect, the application of new technologies – such as artificial intelligence and machine learning, now offers the ability to monitor for cyber risks and detect anomalies that pose a risk, irrespective of source and whether intentional or human error. This is good news for the future of critical infrastructure protection today and into the future.”