How can treatment plants and utilities best guard against cyber security threats? Specialists suggest understanding the structural assets and vulnerabilities of your system and thinking like a bad guy.
The increasing sophistication of contemporary hackers requires correspondingly sophisticated lines of defense, Andrzej Kawalec, chief technology officer for HPE Security Services, told MIT Technology Review recently. He notes a troubling disparity between the capabilities of attackers and those of defenders. “Most organizations today rely on the walls and moats of yesteryear, thinking they’re defending against catapults and cannons, while attackers instead use drones and highly targeted stealth technology.” HPE’s Cyber Risk Report 2016 finds that 86% of the organizations evaluated currently lack adequate cyber-security capabilities.
Frequent system assessment is key. HPE’s specialists agree that it’s important to take a realistic look at current security practices in order to continually reinforce weak points and address potential threats. It’s also important to recognize valuable assets in order to best manage risk and protect critical system components.
“Understand what is valuable in your organization,” Kawalec explains. “Who is going to try and get those major assets?”
Many of you will recall that in March a group of hackers infiltrated a water treatment plant, altered the plant’s chemical application levels, and gained access to the personal and financial records of over 2.5 million customers.
In this particular case, International Business Times reports, there were several high-risk vulnerabilities. Most notable was the fact that the water company’s entire IT network relied on an aged IBM Application System/400 server from 1988. This sole server was responsible for the water district’s valve and flow control application, for manipulating hundreds of programmable logic controllers (PLCs), and for housing billing information and the company’s financials. The company has since updated its security in order to adequately protect its systems.
Building a resilient security strategy that’s able to adapt to evolving circumstances and technologies requires new approaches. The US Environmental Protection Agency (USEPA) and National Homeland Security Research Center (NHSRC) have developed a number of tools to help utilities detect water contamination incidents and respond quickly. Some couple sensor technologies and real-time data analysis. Others integrate water models and disaster scenarios to evaluate response strategies.
In addition, HPE suggests that facility managers think like the bad guys in order to prepare for security breaches. Specialists encourage facility managers to learn the sequence of events leading up to a cyber attack—reconnaissance, infiltration, discovery, capture, and data extraction—and to consider each of them while outlining a security plan and developing response tactics.
How does your facility guard against cyber threats and prepare for emergency response? Have you found the NHSRC’s security tools helpful?