I've been there, seen this, nobody gave me a tshirt :) Airgaps are mostly a mythical beast in my experience, because "corporate" needs data, not least to make more profit via OT systems. My favorite Always Find a Thing used to be checking out the Remote Desktop Users group on HMIs. We were always told that was super well locked down - and then you take a look and there's 25 people in that group, half of them are vendors, and half of those are vendors who are not even current vendors - contracts ended X years ago.
Totally – your example with the Remote Desktop Users group is such a classic. Officially “locked down,” but in reality a graveyard of former vendors and long-forgotten accounts 😅.
Happens all the time – same kind of logic shows up with legacy fieldbuses or real-time Ethernet when people talk about Air Gaps. “It’s physically separated, so we’re safe…” – until some obscure interface quietly bridges the gap. And from there, attackers can often move laterally with ease.
Still, protection is definitely possible – if segmentation is done right. I’m genuinely glad to see more momentum here, from better architectural boundaries to symmetric encryption being added to protocols. It's long overdue that OT security stops being treated as an optional add-on.
Thanks for sharing – I think a lot of people have had that exact same “uh-oh” moment.
Very well explained. Air-gapped is a myth only. We need to design controls to protect critical OT systems from threats which can be exploited in isolation
Airgapped is a dream, while we find out that the read/write/execute permissions at the USB level is still enacted. Plus all the ports are still open... People think that Airgapped means only physical access... 😂
I've been there, seen this, nobody gave me a tshirt :) Airgaps are mostly a mythical beast in my experience, because "corporate" needs data, not least to make more profit via OT systems. My favorite Always Find a Thing used to be checking out the Remote Desktop Users group on HMIs. We were always told that was super well locked down - and then you take a look and there's 25 people in that group, half of them are vendors, and half of those are vendors who are not even current vendors - contracts ended X years ago.
Totally – your example with the Remote Desktop Users group is such a classic. Officially “locked down,” but in reality a graveyard of former vendors and long-forgotten accounts 😅.
Happens all the time – same kind of logic shows up with legacy fieldbuses or real-time Ethernet when people talk about Air Gaps. “It’s physically separated, so we’re safe…” – until some obscure interface quietly bridges the gap. And from there, attackers can often move laterally with ease.
Still, protection is definitely possible – if segmentation is done right. I’m genuinely glad to see more momentum here, from better architectural boundaries to symmetric encryption being added to protocols. It's long overdue that OT security stops being treated as an optional add-on.
Thanks for sharing – I think a lot of people have had that exact same “uh-oh” moment.
I agree with you about protection is definitely possible, and even more so on the looong overue :)
Very well explained. Air-gapped is a myth only. We need to design controls to protect critical OT systems from threats which can be exploited in isolation
Airgapped is a dream, while we find out that the read/write/execute permissions at the USB level is still enacted. Plus all the ports are still open... People think that Airgapped means only physical access... 😂