https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Partner content

What industrial-control-system vulnerabilities can teach us about protecting the supply chain

What industrial-control-system vulnerabilities can teach us about protecting the supply chain

  • Written by Donny Jackson
  • 16th June 2021

Over the past year, we saw many unpredictable challenges. To stay connected and keep things moving while adhering to social distancing restrictions, many organizations had to expedite their digital transformation initiatives. The industrial and critical infrastructure sectors are particularly vulnerable due to the older nature of the devices used in industrial control systems (ICS). Their increased attack surface leaves these organizations particularly susceptible to cyberattacks, specifically in the supply chain.

SolarWinds and the Supply Chain
Awareness of supply chain attacks has been steadily growing over the past decade as major security incidents became known. These include the 2013 Target security breach, in which the credentials for a heating and air conditioning vendor were stolen and used to access the retail giant’s network, or the 2017 NotPetya attack, in which several multinational corporations’ software updates were affected by ransomware, shutting down company technology and crippling business. The recent SolarWinds Orion software attack brought attention back to the vulnerable nature of the supply chain and the urgent need for increasing security measures at all stages.

Months after the SolarWinds breach was disclosed in December 2020, details about the full extent of the damage are still being uncovered. The affected product was incredibly widely used, making it quite difficult to pinpoint exactly how the breach happened. This stresses the need for increased visibility in all areas of the supply chain — in both information technology (IT) and operational technology (OT). The increasing convergence of IT and OT networks has contributed greatly to the susceptibility of the supply chain, while increased visibility in both areas could have raised awareness of the attack’s presence and the potential for preventing it.

Recovering From the Fallout
As we have yet to understand the full impact of the SolarWinds attack, recovering from it will be an ongoing process. Organizations and their security teams will tighten up policies and practices that they may have loosened in the past. There is growing pressure on the US government to take action to protect against a similar event. Even so, organizations that were and want to prevent being affected are increasing security measures and paying closer attention to the tools in their technology stack.

In addition to dealing with the fallout from the SolarWinds attack, organizations are still seeing effects from the COVID-19 pandemic. The increase in remote workers and delays in rolling out new equipment and upgrading existing equipment created security gaps. Ransomware attacks are also on the rise, specifically targeting critical infrastructure that cannot afford downtime caused by an attack and are therefore more likely to pay up. Attacks could come in the form of stealing sensitive data, malware, identifying valuable assets in the network, or even targeting specific equipment and operating systems.

Given these factors, we must pay special attention to the COVID-19 vaccine supply chain.

To read the complete article, visit Dark Reading.

 

Tags: Alerting Systems Analytics Applications Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Incident Command/Situational Awareness Internet of Things IoT/Smart X News Public Safety Security Software State & Local Government Subscriber Devices System Operation Tracking, Monitoring & Control Partner content

Most Recent


  • Cybercrime ecosystem spawns lucrative underground Gig Economy
    Over a 30-month period, cybercriminal gangs and threat groups posted more than 200,000 advertisements seeking workers with skills in software development, maintaining IT infrastructure, and designing fraudulent sites and email campaigns. The demand for technically skilled individuals continues, but it peaked during the coronavirus pandemic, with double the average job advertisements coming during March 2020, […]
  • FAA approves beyond-visual-line-of-sight (BVLOS) flights in North Dakota
    The unmanned aerial vehicle (UAV) avionics company uAvionix received Federal Aviation Administration approval to conduct advanced beyond visual line-of-sight (BVLOS) flights of small UAVs in North Dakota.  The flights will be conducted at the Northern Plains Unmanned Aerial Systems (UAS) Test Site (NPUASTS) in Grand Forks, one of seven FAA-run UAV test sites in the U.S., using […]
  • AT&T boasts of core 'white box' success in 5G, fiber push
    AT&T said it has now migrated more than 52% of all of its production traffic onto next-generation “white box” core routers running on products from the likes of Broadcom and DriveNets. The company said its move to such “open” systems has helped its aggressive 5G and fiber expansions. “We announced the next-gen open disaggregated core routing […]
  • Spending American Rescue Plan Act funds: A primer for municipalities
    The American Rescue Plan Act (ARPA) of 2021 is a $1.9 trillion legislative package that includes funding for states, local governments and tribal nations to respond to the economic and public health impacts of the COVID-19 pandemic. While initially restricted, subsequent guidance from the federal government has expanded what those funds can be used for. […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Cars, Medicine, Electric Grids: Future hackers will hit much more than networks in an IT/OT integrated world
  • Securing an open-source OS for IoT
  • What industrial-control-system vulnerabilities can teach us about protecting the supply chain
    Newscan: Once, superpower summits were about nukes. Now, it’s cyberweapons.
  • Is an attacker living off your land?

Commentary


How 5G is making cities safer, smarter, and more efficient

26th January 2023

3GPP moves Release 18 freeze date to March 2024

18th January 2023

Do smart cities make safer cities?

  • 1
6th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

Cybercrime ecosystem spawns lucrative underground Gig Economy dlvr.it/ShkKbf

31st January 2023
UrgentComm

FAA approves beyond-visual-line-of-sight (BVLOS) flights in North Dakota dlvr.it/ShgxHW

30th January 2023
UrgentComm

AT&T boasts of core ‘white box’ success in 5G, fiber push dlvr.it/Shgb4w

30th January 2023
UrgentComm

Spending American Rescue Plan Act funds: A primer for municipalities dlvr.it/ShgZ52

30th January 2023
UrgentComm

AT&T wireless growth keyed by FirstNet—now provides 24,000 agencies with 4.4 million connections dlvr.it/ShY5qH

27th January 2023
UrgentComm

Report: Remote work causing offices to empty, but walkable cities still in high demand dlvr.it/ShXM7Z

27th January 2023
UrgentComm

AT&T FirstNet unleashes robotic dogs for emergency services dlvr.it/ShW7p8

27th January 2023
UrgentComm

Federal agencies infested by cyberattackers via legit remote-management systems dlvr.it/ShVhn3

26th January 2023

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.