OPSWAT Acquires Fend to Extend Cybersecurity Reach Into OT Platforms
OPSWAT this week revealed it has acquired Fend, Inc. to further extend the reach of its cybersecurity portfolio into the realm of operational technology (OT).
Fend provides Data Diodes and Unidirectional Gateways, a set of appliances that provide one-way secure communications channels for a wide range of embedded systems.
Fend CEO Colin Dunn said that approach enables organizations to secure embedded systems without having to rip and replace them with more secure platforms. That’s critical because replacing every embedded system that has already been deployed is cost-prohibitive.
Those appliances come with a Multiscanning capability that can employ up to 30 anti-virus engines in addition to Deep Content Disarm and Reconstruction tools to sanitize files, sandboxing capabilities and data loss prevention (DLP) software.
Previously, OPSWAT in 2021 extended the reach of a broad cybersecurity portfolio to include OT with the acquisition of file transfer technologies originally developed by Bayshore Networks. Earlier this year it also acquired InQuest, a provider of file inspection and threat-hunting tools.
OT platforms have become a favorite target for cybercriminals because compromising these systems enables them to disrupt critical infrastructure such as refineries and other services. The challenge is that many of the embedded systems that are now connected to the internet were originally developed before cybercriminals began targeting them. As such, systems that were designed to have a lifecycle of 10 years or more are now vulnerable to, for example, ransomware attacks that encrypt files.
Additionally, cybercriminals are targeting these systems to enable them to laterally distribute malware to any IT environment that might be connected to that embedded system.
More troubling still, cybercriminals will inevitably soon be leveraging artificial intelligence (AI) technologies to make it simple to both create malware and discover which embedded systems running in OT environments are most vulnerable.
While the level of cybersecurity expertise being applied to OT environments has improved in recent years, there is still a critical shortage. The number of cybersecurity professionals who have a deep understanding of how to protect OT environments remains limited. On the plus side, in the wake of a series of high-profile cyberattacks, the engineering teams that manage these platforms have a better appreciation for the overall level of risk.
Unfortunately, adversaries such as nation-states have shown themselves to be very patient, said Dunn. They will monitor OT environments in some cases for years looking for an opportunity to inject malware that might not be activated for months or longer, he noted.
In the meantime, the number of applications being deployed on OT systems only continues to increase. As the overall size of that attack surface expands, cybersecurity teams are becoming even more overextended than they already are, said Dunn.
In theory at least, as awareness of threats to critical infrastructure as a national security issue continues to grow, more resources should become available. In the meantime, the odds that there will be more compromises of critical infrastructure in the months ahead are higher than anybody cares to admit.