Contact Us

SUBSCRIBE TO NEWSLETTER

How Disinformation Could Derail OT Security Risk Management

Cyber attacks can have a major impact on operational technology security systems.

By Rik Ferguson
From the August 2023 Issue of facility executive

From politics to pop culture, “fake news” has become a hot topic. It can move markets, influence elections, and convince the world that the Pope is a fashion icon. Though the Colonial Pipeline attack was by no means “fake news,” it provides a related example of how perception can influence beliefs and behaviors; consumers who heard of the attack became concerned about the availability of gas, leading to a surge in consumption and an ultimate shortage.

This scenario begs the question if there is potential for disinformation campaigns to lead to that same kind of outcome, but without a ransomware attack occurring. Beyond perception, could disinformation impact cybersecurity processes and responses to threats? What would happen if disinformation is received and acted upon unnecessarily to help ascertain the state of an operational technology’s security posture?

Disinformation, OT
(Photo: Adobe Stock / stnazkul)

As attacks on some of our most critical infrastructure continue to rise in number and sophistication, the potential for disinformation to impact operational technology (OT) security and its risk management strategies— potentially without an attack even being launched— is a scenario security teams absolutely need to prepare for and know what to be looking for.

Poisoning The Well With Disinformation

As fake ransomware gangs, false breach claims and empty threats become more prevalent, it is important to be aware of the tactics these actors may leverage to disseminate disinformation and influence OT environments.

One avenue attackers may go is targeting actual OT security systems and information. This could involve feeding inaccurate data into s (ICS) that automate OT environments to tamper with controls, such as regulating the temperature of a nuclear power plant. Or, it could involve manipulating the data lakes that govern artificial intelligence (AI) and machine learning (ML) functions and decision making. If organizations can no longer rely on the integrity of their own data, they will be forced to halt operations until the claim can be either proved or disproved, resulting in costly periods of downtime.

Apart from targeting physical security systems, bad actors may also choose to target individuals through social engineering schemes. Take the example of Business Email Compromise, where an attacker pretends to be someone senior in the victim’s organization and uses that position to persuade a “colleague” in finance to pay bogus invoices. Now, think of that in the context of shutting down or reconfiguring of critical processes, or the opening up of attack vectors into the organization such as opening ports on firewalls. Now you have a disinformation-driven, socially engineered attack…

Click here to read the rest of this article at FacilityExecutive.com


Read more about cybersecurity and business continuity issues from Continuity Insights.

Continuity Insights

Similar Articles

Gaining the Knowledge and Insight to Face Today’s Emerging Issues

It seems as if almost every day, new issues emerge to test the plans and preparedness of business continuity professionals across the world. New, perpetually evolving technology, cyberattacks, natural disasters, …

2021 Continuity Insights Management Conference Set for Minneapolis

After staging its annual Management Conference and New York events virtually in 2020 due to the Coronavirus, Continuity Insights is excited to return to a live, in-person event for 2021. …

Ransomware Attack Prevalence Drops

Ransomware attacks have impacted only 25% of U.S. organizations during the past year, representing a 61% drop from 2021, according to VentureBeat. Sixty-eight percent of companies hit by ransomware paid …

Leave a Comment

Share to...