Much of the conversation surrounding the pandemic and IT has focused on managing new types of technologies that help employees work remotely, like video conferencing platforms and cloud desktops.
What’s easy to overlook are the legacy systems, such as Operational Technology infrastructure, that play a pivotal role in allowing businesses to remain productive. As Infosec notes, “Legacy systems, operationally useful as they may be, may pose a significant security risk for an organization.”
That’s why ransomware protection for OT systems is just as critical as ensuring that modern, cloud-native systems remain secure. But securing OT systems also poses unique challenges. In many cases, these systems, which were designed to run for decades, are powered by legacy operating systems, like Windows XP, for which vendor support is no longer available and which aren’t always supported by modern security monitoring tools. The fact that OT systems manage critical business operations, such as production lines, makes OT cybersecurity even more important.
What’s a business to do to protect its legacy systems against ransomware and other threats?
According to IBM’s 2021 Cost of a Data Breach report, incidents now cost an average of $4.24 million. The ever-increasing number of cyber threats makes it more necessary than ever to protect against ransomware attacks. Read on for tips on ensuring that your OT systems and other legacy assets remain as secure as the rest of your IT estate.
How to protect your legacy systems from attack
Some of the cybersecurity best practices that you apply to IT systems in general simply don’t work with legacy systems. Modern security tools may not be compatible with operating systems that ceased to be actively developed more than a decade ago, for example. You may also not be able to use modern identity and access management (IAM) frameworks with these legacy systems or keep them up to date, as vendors no longer offer patches.
Nonetheless, there are a variety of steps you can take to secure legacy systems or the infrastructure they depend on.
- Limit user access
Even if your OT or other legacy system lacks a modern IAM framework, it likely has some kind of identity and access control tooling in place. Use these tools to enforce the principle of least privilege across the system: ensure that administrator credentials are not available except where required, delete unused user accounts, disable remote access unless necessary and so on.
- Limit network access
One advantage that organizations enjoy when it comes to ransomware protection for OT systems is that the fundamentals of network architecture and protocols haven’t changed much in decades. As a result, you can use network-based controls to protect systems effectively.
For example, consider placing OT systems on a private network where they are isolated from the public Internet. If that’s not possible, use network proxies and firewalls to manage traffic rather than directly exposing them to the Internet.
Be sure, too, to block unnecessary ports. If you can’t do that on the OT system itself, you can block traffic to unnecessary ports through network firewalls.
- Use network encryption
Along similar lines, network encryption is a vital tool for securing legacy systems. If the system itself lacks support for modern encryption protocols, you can likely implement encryption within the network infrastructure itself. This is not quite as ideal as complete end-to-end encryption, but it still significantly reduces the chances of exposing sensitive data on the network. In turn, it mitigates the risk of data leakage, which can result in compliance violations and make it easier for attackers to disrupt your operations.
- Implement virtual patching
Virtual patching is a technique that allows you to prevent the execution of specific exploits by blocking them within your network or infrastructure, rather than on vulnerable systems themselves. In situations where you can’t patch vulnerable systems — which is often the case when dealing with OT or other legacy environments — virtual patching provides an effective alternative to resolving the underlying vulnerabilities.
- Know the limitations of security tools
When securing legacy systems, it’s critical to know what your standard security tools can and can’t do. As noted above, many modern cloud and SaaS tools are incompatible with legacy systems. You shouldn’t assume that your entire environment is safe just because your security tools don’t detect any active threats.
Instead, you need ransomware protection tools that are purpose-built to handle security risks not just in modern environments, but also for legacy systems. You also need security experts who understand the unique challenges of legacy systems.
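The network controls in the list above (an isolated OT segment, no direct Internet exposure, unnecessary ports blocked at the firewall) can be checked against the traffic a firewall has actually logged. The following is an added example, not from the original article or from Minerva Labs: a Python audit over constructed flow records, where the address ranges, the allowlist and the `src dst proto dport` record format are all assumptions.

```python
import ipaddress

# Constructed values for illustration: addressing plan, allowlist and flow records.
INTERNAL = ipaddress.ip_network("10.0.0.0/8")    # assumed corporate address space
OT_NET = ipaddress.ip_network("10.20.0.0/24")    # assumed isolated OT segment
ALLOWED_INBOUND = [                              # (source network, protocol, dest port)
    (ipaddress.ip_network("10.10.5.0/28"), "tcp", 502),    # engineering stations, Modbus/TCP
    (ipaddress.ip_network("10.10.9.10/32"), "tcp", 3389),  # jump host, remote desktop
]
SAMPLE_FLOWS = """\
# src dst proto dport (constructed firewall flow records)
10.10.5.3 10.20.0.15 tcp 502
10.10.9.10 10.20.0.15 tcp 3389
10.10.7.44 10.20.0.15 tcp 445
203.0.113.9 10.20.0.15 tcp 3389
10.20.0.15 198.51.100.20 tcp 443
10.10.5.3 10.10.8.1 tcp 22
10.10.5.3 10.20.0.15 tcp 3389
"""

def parse_flows(text):
    """Yield (src, dst, proto, dport); skip blanks, comments and malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[0].startswith("#"):
            continue
        src, dst, proto, dport = parts
        yield ipaddress.ip_address(src), ipaddress.ip_address(dst), proto.lower(), int(dport)

def classify(src, dst, proto, dport):
    """Return a finding name for a flow that violates the OT policy, else None."""
    if dst in OT_NET and src not in OT_NET:
        if src not in INTERNAL:
            return "internet-inbound"        # OT host reachable from outside
        permitted = any(src in net and proto == p and dport == port
                        for net, p, port in ALLOWED_INBOUND)
        return None if permitted else "port-not-allowed"
    if src in OT_NET and dst not in INTERNAL:
        return "internet-outbound"           # OT host talking to the Internet
    return None                              # flow does not cross the OT boundary

def audit(text):
    """Return (finding, flow) pairs for every violating flow, in input order."""
    return [(f, f"{s} -> {d} {p}/{port}")
            for s, d, p, port in parse_flows(text)
            if (f := classify(s, d, p, port))]

if __name__ == "__main__":
    for finding, flow in audit(SAMPLE_FLOWS):
        print(f"{finding:18} {flow}")
```

The last sample record shows why the allowlist pairs each port with a source: the engineering station may reach port 502, but its remote-desktop attempt is still flagged because only the jump host is permitted on 3389.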
Protect against ransomware and other threats on legacy systems
Minerva Labs provides both of these solutions. The Minerva Labs platform allows a business of any size to implement effective cybersecurity controls to defend against ransomware and other risks, not just in modern environments but also in OT and other legacy systems. At the same time, our team of experienced cybersecurity researchers possesses the unique expertise necessary to understand how modern threats like ransomware can impact legacy systems — a consideration that many security vendors overlook.
Contact us to learn more about how Minerva Labs’ ransomware protection technology supports legacy systems.