How layers disrupt security when not managed well
Grouping similar systems together to ensure we balance both performance and security is the key goal of the Purdue model. We have learned so far that segmentation and isolation are critical in ensuring security.
We are also clear on the benefits that the convergence of IT and OT has brought to the industry. However, with it, attacks once aimed only at enterprises or IT are now aimed at OT assets as well. Every device is deemed mission critical, because an attack on a front-line device, workstation, or engineering system can lead to an attack on OT systems. This affects not only the business, revenue, and reputation but also human life, depending on the type of OT infrastructure.
Here is a scenario about reconnaissance activity targeting TCP port 502. These activities have not only increased in the recent past but, if successful, can also issue harmful commands to OT devices.
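As an added example (not from the original text), one way to spot this kind of reconnaissance in flow logs is to flag any TCP port 502 connection whose source sits outside the zone expected to talk to controllers, and to flag a source that touches several distinct hosts on port 502 within a short window. The subnets, zone names, thresholds, and flow records below are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Hypothetical zone layout, loosely following Purdue levels (assumed subnets).
ZONES = {
    "enterprise_l4": ipaddress.ip_network("10.40.0.0/16"),
    "supervisory_l2": ipaddress.ip_network("10.20.0.0/24"),
    "control_l1": ipaddress.ip_network("10.10.0.0/24"),
}
ALLOWED_502_SOURCES = {"supervisory_l2"}  # assumption: only Level 2 polls controllers
SWEEP_THRESHOLD = 3                       # distinct port-502 targets per source
WINDOW_S = 60                             # sliding window, in seconds

# Constructed sample flows: (epoch_seconds, src_ip, dst_ip, dst_port)
FLOWS = [
    (1000, "10.20.0.5", "10.10.0.11", 502),   # HMI polling a controller
    (1001, "10.40.3.77", "10.10.0.11", 502),  # enterprise host reaching Level 1
    (1002, "10.40.3.77", "10.10.0.12", 502),
    (1003, "10.40.3.77", "10.10.0.13", 502),
    (1004, "10.40.3.77", "10.10.0.11", 443),  # not port 502, ignored
    (1010, "10.20.0.5", "10.10.0.12", 502),
    (1200, "10.20.0.5", "10.10.0.13", 502),   # earlier HMI flows have aged out
]

def zone_of(ip):
    """Map an IP address to its zone name, or 'unknown' if unmapped."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "unknown"

def detect_502_recon(flows):
    """Return zone-violation and sweep alerts for TCP port 502 traffic."""
    alerts, recent, swept = [], defaultdict(list), set()
    for ts, src, dst, port in sorted(flows):
        if port != 502:
            continue
        src_zone = zone_of(src)
        if src_zone not in ALLOWED_502_SOURCES:
            alerts.append(("zone_violation", src, dst, src_zone))
        # Keep only this source's contacts that are still inside the window.
        recent[src] = [(t, d) for t, d in recent[src] if ts - t <= WINDOW_S]
        recent[src].append((ts, dst))
        targets = {d for _, d in recent[src]}
        if len(targets) >= SWEEP_THRESHOLD and src not in swept:
            swept.add(src)  # alert once per source
            alerts.append(("sweep", src, len(targets), src_zone))
    return alerts
```

The zone-violation rule is the segmentation check itself: with layers enforced, the enterprise host's flows would never have reached the control subnet, so any such alert also points at a boundary that is not doing its job.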
TCP port 502 is commonly used in...