Industrial cybersecurity company OTORIO announced Tuesday the release of a Windows hardening tool for HMI/SCADA systems based on GE Digital’s CIMPLICITY application. With the tool, users will be able to verify the security configuration of the Windows machines that run the different CIMPLICITY components.
The tool is made up of 16 security insights, based on dozens of Windows checks that are derived directly from GE’s security recommendations, to ensure that the installation of CIMPLICITY is done in a safe environment. OTORIO has embedded GE’s feedback and insights into the hardening tool to make sure that all security checks performed are in alignment with GE’s recommendations.
“We are also recommending users run an annual test to make sure that the system stays secure over time,” OTORIO said in a company blog post.
Cybersecurity experts are seldom present on the production floor. Therefore, “we designed the tool with the system integrators who install these systems and OT security personnel within the plants as its primary users,” OTORIO said. The hardening tool is as simple as a “double click” of a PowerShell script, which makes it easy to run even for non-technical personnel, it added.
CIMPLICITY is a scalable automation platform providing visualization and control for industrial systems of various sizes and architectures. It is the key component that controls and monitors the operations in the manufacturing environment. The software application can run on a single server or in a variety of client/server architectures.
It also delivers quicker responses, reduced costs, and increased profitability, in addition to reducing time-to-value with rapid application development tools, including new OPC UA auto-discovery, enhanced mimic-building tools and libraries, and REST APIs for remote configuration. Using OPC UA Server support for modeled data, CIMPLICITY helps aggregate systems for a single connection to SCADA systems and deliver consolidated views.
OPC Unified Architecture (OPC UA) is a machine-to-machine communication protocol for industrial automation developed by the OPC Foundation.
OTORIO holds that the hardening tool provides an effective way to verify the control servers themselves. It does not claim that the hardening tool addresses all possible misconfigurations, or that it checks for every security flaw that may arise in CIMPLICITY environments, such as those related to network segmentation. GE Digital’s model assigns responsibility and liability to the buyer or user and is committed to continued collaboration on security.
In December, OTORIO released its list of industrial cybersecurity predictions for this year against the backdrop of an increase in COVID-19-accelerated ransomware attacks targeting industrial companies. Hackers took advantage of the shift to opening the shop floor to remote connections, leading to a surge in industrial ransomware attacks from fewer than five successful attacks per month in the first quarter of this year to over 20 successful attacks per month from May onwards.