We've ‘Always Never Done It’ That Way

From the Desk of an IT / OT Cybersecurity Expert

While serving as Manager of Technology Development within IT earlier in my career, my task was to identify new technologies or applications that would make the people at our branch offices and job sites more productive. While I was introducing a new tool to a Branch Manager, he looked at me and said, “We’ve always never done it that way.” That phrase has stuck with me ever since, and when I entered the world of OT Cybersecurity I found that phrase to be more true in that realm than anywhere else.

In the Operational Technology (OT) world, one of the most important areas is the Public Works systems. This includes water treatment/distribution, sewage, and electricity. These systems touch our lives every day, and if even one system fails, it affects the quality of life for a large group of people. Many of these systems are owned by a municipality or perhaps a cooperative. Many of these systems were built 20 or 30 years ago and, with proper maintenance, they continue to meet required production, so there is no reason to replace them. However, they are now being required to connect to a corporate IT network or the internet, a task they were never designed to do.

In Kaspersky’s “State of Industrial Cybersecurity 2019,” eighty-seven percent of the people who responded to their survey stated that OT/ICS cybersecurity is becoming a top priority for industrial companies. To reach the level of protection required, they will need to invest in dedicated measures, with highly qualified professionals to make them work effectively. However, even though this is a priority, only 57% of companies have allocated budget for industrial cybersecurity.

In addition to budget constraints, there is a real question regarding skilled staff. Organizations are experiencing a lack of cybersecurity experts with the right skills to manage protection for industrial networks. However, they are also concerned that their OT/ICS network operators are not fully aware of the behaviors that can cause cybersecurity breaches. These challenges make up the top two concerns relating to cybersecurity management. These directly correlate to why 52% of incidents affecting operational technology and industrial control system (OT/ICS) networks last year were caused by employee errors or unintentional actions.

IT is all about connectivity and the latest shiny object.  With VPNs we can access the corporate network from anyplace and work just like we were in the office, even though we are sitting at a beach bar in Florida.  This is fine for office workers as long as the proper cybersecurity steps are taken, such as not using public Wi-Fi networks and using multi-factor authentication.  If they feel like they need to send an e-mail to their boss after having 3 or 4 beers, that’s their choice.  But would you really want the OT Plant Manager logging in under the same circumstances, because he thought he could make the assembly line run better?

When a bad actor or hacker gets into an IT network, you can lose files. When a hacker gets into an OT network, people can die. Let’s look at some of the things that have happened in the OT world. In 2007, Idaho National Labs performed an experiment where they entered malicious commands to a power plant generator and it literally shook itself apart. In 2010, the Stuxnet virus was released and it caused centrifuges at an Iranian nuclear arms plant to malfunction. In 2019, a petrochemical plant located in Saudi Arabia was hacked, and the protection system for the plant would have been disabled if the hackers had not made a mistake and accidentally shut the plant down. In 2020, a ransomware attack against a natural gas facility (CISA – 2/18/20) shut down operations because they were unable to see what the plant was doing.

These viruses and hacking attacks that are intent on disrupting the physical world, along with internet-borne cyberthreats, will find their way into your Industrial Control Systems. A well-placed cyberattack can cause human casualties, billions of dollars in infrastructure damage, and even bring certain operations of our critical infrastructure to a screeching halt.

Velta Technology is here to help protect your OT Systems from cyberattacks like this and many others.  Our solution offers continuous cybersecurity threat detection that will look for changes and vulnerabilities in your OT network.  Velta Technology is an expert at detecting and preventing cyber-attacks. 

We’re here to help you and your organization, no matter how big or how small. Our team of experts draws on extensive knowledge and experience across key areas including risk management, operations and human factors. This helps ensure that all testing and mitigation measures are tailored to the specific needs of your organization.

At Velta Technology, we believe in preventing cyber-attacks before they happen.