Operational technologies, or OT, are a critical segment of the network used by businesses that produce goods or engage in physical processes. Industries such as manufacturing, chemical, oil and gas, mining, transport and logistics use specialized technologies to manage facilities: Assembly and production sites and power systems. The control, monitoring, and management of these systems have been gradually automated over the past few decades, and the specialized systems that perform these tasks are called industrial control systems (ICS), dispatch control, and data acquisition (SCADA), or simply OT.
The networks in which these OT systems operate have traditionally been separated from the corporate information technology (IT) environment, as well as from the Internet, often separated by an air layer. They are usually managed by operational personnel, not IT specialists. And for good reason. Manufacturing facilities can generate millions of dollars an hour for companies, and communities rely on critical infrastructure to provide clean water and energy. When these systems fail even for a few minutes, it can cost hundreds of thousands of dollars and even put workers and people around them at risk.
Simply put, IT is about managing data, and OT is about creating things. And because these OT systems were completely isolated, the OT world felt immune to the hacking that has become a fact of life for IT environments. But the recent attacks on OT have changed the usual order of things.
The number of cyber attacks in these systems and in OT infrastructures in General is growing, and they cause real damage. Probably the first such attack on Stuxnet occurred ten years ago. It was an air-gap system, meaning it had no connection to external networks, but it was hacked nonetheless. In 2017, the NotPetya ransomware interrupted production and closed offices. In the same year, the Trisis/Triton malware damaged security features in oil and gas production equipment. And in 2020, Ekans, or Snake Ransomware, appeared, which is specifically designed for ICS systems.