Securing legacy systems is a great challenge for organisations in the industry
Published on : Monday 26-08-2024
Dick Bussiere, Technical Director APJ, Tenable.
What are the cyber threats facing the transportation and fleet management industries in India?
Since the launch of India’s National Logistics Policy, organisations within the transportation and fleet management sectors have stepped up digital transformation efforts. This also means these sectors rely more on technology to streamline operations, track shipments, and enhance customer experience. This reliance exposes their attack surface making them vulnerable to cyberattacks. Information regarding shipments, tracking details, and business contracts is frequently exchanged, creating a rich target for cybercriminals seeking valuable data or wanting to disrupt operations.
The increased demand for mobility services has led to the adoption of fleet management solutions and AI-powered tools to improve operations. However, these software systems provide cybercriminals with multiple attack points, enabling them to potentially disrupt a fleet’s operations and steal sensitive customer and operator data. This technological dependency significantly expands the attack surface exposing organisations to data breaches related to the cloud, unauthorised access, and ransomware attacks. Such incidents can have devastating consequences, including financial losses, legal repercussions, and long-lasting reputational damage.
We can see two examples of the impact of attacks against the transportation and logistics verticals. The first stands alone in its global impact – the attack against Maersk in 2017 which reduced this global behemoth to old-school paper processes. The impact against Maersk was $300M USD. Given the typical 26x ripple effect, the real cost of this breach was more like $7.8B USD. The second more recent attack was against DP World in Australia, impacting 40% of the country's import/export activity. Clearly, such attacks are severe.
How can this industry minimise cyber risk?
The first step is discovering and gaining visibility into all devices in the environment. This includes real-time insights from vehicle telematics and GPS tracking, sensors, onboarding computers, integrated bridge systems, RFID tags, SCADA systems, and health and usage monitoring systems.
Gaining full asset inventory and visibility into all devices and systems ensures that these systems can be protected with modern security controls, crucial to managing vulnerabilities and mitigating cyber risks from OT. Preventive security solutions such as full exposure management provide real-time insights into IT, OT and IoT assets across the entire transportation infrastructure, making identifying and mitigating risks easier.
What are the major challenges in the transportation sector that impede the adoption of preventive cybersecurity?
Securing legacy systems is a great challenge for organisations in the industry. Many OT legacy systems were designed for air-gapped environments and lack modern security features, making them vulnerable to cyberattacks. Integrating security solutions with legacy OT systems can be complex and disruptive to operations. This is perhaps why 55% of employees in the industry feel they are ill-equipped to identify or handle a significant cyberattack. Without the right security solutions, these organisations have limited visibility into their environments. The diversity of OT systems and communication protocols can create blind spots, making it difficult to have a comprehensive view of the entire transportation network.
Is preventive security possible in OT environments?
Preventive security is possible in OT environments when done right. The right solutions like exposure management can protect transportation infrastructures from advanced cyber threats by alerting organisations to suspicious events triggered by intrusion detection systems, policy violations, and anomalous behaviour. Automated asset discovery across systems reduces the need for error-prone manual asset management. Exposure management solutions can also be integrated with its existing technology, ensuring mobility and rapid responses during emergencies. Additionally, organisations can access data in real-time and across diverse systems, providing them with the visibility and context needed to prioritise remediation efforts.
In your experience, why are legacy cybersecurity measures still prioritised in this industry?
Historically, the logistics and transportation verticals move more slowly than other sectors. This is because this vertical tends to be highly regulated and somewhat conservative. The prevailing mindset is often, ‘If it ain’t broke, why fix it?’ Upgrading legacy systems introduces risk and can cause delays, potentially impacting the bottom line in the short term. However, without robust cybersecurity policies and solutions, organisations are always at risk of being attacked. In a world where financially motivated threat actors need only one entry point to compromise entire businesses, cybersecurity cannot be taken lightly. Preventive security measures are essential for ensuring a more secure future for transport and fleet management organisations.
Dick Bussiere is a seasoned technical architect with over 20 years of experience in ICT security, computer networking and engineering. He frequently assists organisations including financial services organisations, governments and managed security service providers in adopting a regimen of proactive vulnerability management to help them reduce their vulnerability footprint. He has a strong background in Research and Development, including both software and hardware engineering. Prior to coming to Tenable, Dick was Arbor Networks' Solution Architect for Asia Pacific. Current Position: As Technical Director, APJ, Dick is responsible for supporting enterprise and public sector organisations throughout the region, specialising in Operational Technology and has been with Tenable for more than 7 years.
Bump pitch transformers will revolutionise advanced packaging
Dr Larry Zu, Founder and CEO of Sarcina Technology, the Application Specific Advanced Packaging (ASAP) Design Service and Production leader, predicted that recent Bump Pitch Transformer (BPT) designs will speed 2.5D IC advanced packaging adoption to meet the red-hot demand for AI innovation.
In remarks made in the Keysight Theater at the 61st Design Automation Conference, he envisioned new BPT technology paving the way for new artificial intelligence computing opportunities.
"We believe that the Bump Pitch Transformer architecture will accelerate the growth rate of 2.5D semiconductor packages that are key to meeting the explosive demand for AI-driven computing capabilities," Dr Zu said during his address in the Keysight Theater.
Fan-Out Chip-on-Substrate with Silicon Bridge (FoCoS-B) is the latest BPT advancement, he said, and it democratises the 2.5D era. This packaging technology is now available through companies such as ASE and SPIL, breaking a logjam of innovation created by previous proprietary BPT technologies.
FoCoS-B is a silicon bridge technology, replacing expensive silicon TSV interposers with more cost-effective re-distribution layers (RDL). This architecture is ideal for homogenous and heterogenous chiplet integration targeting high-performance computing (HPC) devices for AI, data center, microprocessor, and networking applications.
Current advanced 2.5D packaging uses a substrate to transpose an IC's microbump pitch from 40-50 µm to the package's 130 µm bump pitch. These substrates are very expensive, in short supply, and are complex to design resulting in lead-time and cost challenges.
The new FoCoS-B technology is effectively a Wafer Fan-out RDL technology which, due to its maturity, has inherently a lower cost and shorter lead time thus enabling system designers to optimise AI for new lower cost applications.
Sarcina is currently engaging companies with two Bump Pitch Transformer derivatives across a range of applications. Its services include BPT interposer design, O/S test pattern insertion, fabrication & BPT wafer sort, along with package substrate design, PI/SI + thermal system simulation, & substrate fabrication. A complete WIPO (wafer in, package out) engagement also covers package assembly, final test, and production services.
The company has had a number of 2.5D customer devices to successfully enter production going back several years, including a large 47.5 mm x 47.5 mm, 2,019 ball high performance flip chip ball grid array device. The total system featured an ASIC and two high-bandwidth memory chiplets HBMs on a silicon interposer and 12 substrate layers. The IC ran at 320 Watts, thanks to 32 lanes of 25 Gigabits per second (Gbps) SerDes and 16 lanes of 16 Gbps PCIe-4 interface IP.
"As amazing as this sounded several years ago, such a device is just a peek at what we're going to see once the industry adopts the latest Bump Pitch Transformer technologies," Dr Zu pointed out.
______________________________________________________________________________________________
For a deeper dive into the dynamic world of Industrial Automation and Robotic Process Automation (RPA), explore our comprehensive collection of articles and news covering cutting-edge technologies, robotics, PLC programming, SCADA systems, and the latest advancements in the Industrial Automation realm. Uncover valuable insights and stay abreast of industry trends by delving into the rest of our articles on Industrial Automation and RPA at www.industrialautomationindia.in