Published on April 21st, 2022
Four Questions You Must Ace to Ensure Sound Cybersecurity in OT Systems
Some cybersecurity experts believe hackers today pose a greater threat than ever to power plants and electric grids. Much of the operational technology (OT) used in power stations and throughout the grid was installed at a time when cybersecurity was more of an afterthought than a focal point in the system design. Furthermore, the pool of bad actors has grown increasingly large and complex, including nation states, activist groups, organized crime syndicates, malicious company insiders, thrill seekers, and a bevy of other folks with a variety of untoward motivations.
Hackers are found in all parts of the world, meaning unscrupulous activity is occurring around the clock. The troublemakers aren’t always looking to deploy cyber warfare strategies on the spot, but rather, they often want to gain access to systems so they can cause chaos when the action would be most beneficial to their cause and/or most inconvenient for the system.
People in the power sector haven’t been oblivious to the threat. A skilled group of professionals has been assembled to monitor systems and develop countermeasures to thwart possible attacks. Still, the vectors and tactics utilized by hackers are constantly evolving, which makes the task of protecting OT systems challenging.
“What worries me right now about the threat landscape overall is that I see it accelerating, in particular, in the OT or the industrial cybersecurity environment,” Ian Bramson, global head of Industrial Cybersecurity at ABS Consulting, said as a guest on The POWER Podcast. It’s not only the frequency of attacks that has changed; the kinds of attacks, what’s being targeted, how systems are being hit, the goals of the instigators, and the people responsible for the offenses have all shifted, he said.
Bramson believes the conflict in Ukraine has increased cyber risks. “It’s what I call a multi-player game now,” he said. As an example, he mentioned a hacker group that goes by the name “Anonymous.” Days after the war in Ukraine began, Bramson said the group announced it had “declared war” on Russia. Anonymous is not based in Ukraine or affiliated with the country in any known way; it simply decided to take a stand against Russia in response to the country’s aggression. While that in itself doesn’t seem to pose a great threat to U.S. systems, it increases cyber activity overall and could presumably encourage pro-Russian hackers to seek revenge, taking aim at Western targets in response.
Furthermore, Bramson suggested much of the cyber activity that’s being undertaken by Russia and its supporters is politically motivated. Attacks are one way, for example, that Russia could try to fight back against sanctions enacted by European countries and the U.S. without firing missiles and starting a physical war with the West.
“All that is increasing the pace of attack. So, I think it absolutely is increasing the threat environment for anyone here,” Bramson said. “And it brings that battle - that war - into our systems, into our devices, into our operations of our power and energy plants. That’s where a lot of these conflicts are going to be playing out and that’s what we have to be on guard for.”
To ensure systems are protected adequately from cyberattacks, Bramson said leaders overseeing critical infrastructure must start by answering four basic foundational questions, which are:
- Do I know what I need to protect?
- Are there holes in my protection?
- Can I detect if a bad actor is in the system?
- If I find infiltrators, can I get them out?
Another Bramson recommendation is to team up with proper experts. “Partner up with people who know what they’re doing in the OT environment,” he said. “That domain expertise is important - people who know and live and breathe that environment can help protect it - so make sure that you get that kind of a partnership and expertise.”
To hear the full interview, which includes additional discussion on regulatory requirements and compliance issues, air-gap myths, lessons learned from past attacks, and workforce responsibilities in regard to cybersecurity, listen to The POWER Podcast.
Aaron Larson is POWER’s executive editor (@AaronL_Power, @POWERmagazine).