Are Your Country’s Canals, Dams, and Power Plants Safe from Hackers?
- In 1999, a 16-inch fuel line ruptured in the US, spilling 277,200 gallons of gasoline and killing three youths.
- In 2015, hackers caused a power blackout that affected 225,000 people in western Ukraine by sabotaging power distribution equipment and complicating attempts to restore power.
- In 2016, Iran attacked U.S. infrastructure by infiltrating the computerized controls of a small dam near New York City.
Can you believe that these incidents were all caused by cyberattacks? Unlike most of the cybersecurity-related incidents that we’re familiar with, these incidents had fatal consequences and even threatened the security of the entire nation.
Traditional operational technology (OT) has become an important part of the systems, processes, and automation of external and closed networks. Cyberattacks on OT environments occur because security is unclear or lacking for the hardware and software systems that operate and control factories, power plants, and other types of equipment that improve task performance.
What’s the difference between OT and IT?
Even though the boundaries have blurred a lot in recent years, the main goal of an OT system was to operate in a separate network and carry out specific tasks. It was mainly focused on using software for specific environments. However, the OT environment has changed dramatically since it started to connect with external and IT environments. Let’s look at the main differences between the two below:
Protocol and Operating System
Information Technology (IT) in general uses various applications, network protocols (TCP/IP), and operating systems such as Windows and Linux. On the other hand, OT relies on specific applications and independent protocols due to the nature of its environment.
In the IT environment, the priority is to keep the entire system in balance, so high responsiveness and the integrity of communication data are essential. In the OT environment, on the other hand, maintaining availability is the most important factor, since it often involves large-scale production facilities.
Even a few seconds of downtime can have devastating results, so it is critical to respond to even the smallest attacks, which demands extra attention and a complicated process.
Recent OT Trends
As IT and IoT technologies converge, the speed of development has been accelerating over the past few years. Devices are being monitored and controlled remotely as boundaries have blurred via Big Data and machine learning technologies. Countless companies and factories have adopted IoT technologies to increase manufacturing and work efficiency. As OT becomes more open and connected to the outside, it becomes more vulnerable and more exposed to cyberattacks.
OT-related cyberattacks can also result in fatal physical damage. Dragonfly, an Eastern European hacker group, targeted more than 1,000 energy companies in North America and Europe in 2014, including energy grid operators and industrial equipment providers.
In the same year, a German steel mill suffered massive damage following a cyberattack on the plant’s network. The mill’s control systems were breached, and the hackers used booby-trapped emails to steal logins that gave them access. Even a 12-year-old hacker broke into the computer system that controlled the floodgates of the Theodore Roosevelt Dam in Arizona back in 1998. All of these attempts were not only successful and massive but were also followed by physical damage.
OT security was previously often limited to a company’s manufacturing plants and energy production facilities. Now all social infrastructure, including roads, railroads, ports, airports, information and communications, energy, environment, education, and even national defense, is operated under OT systems. One of the critical features applied is secured connectivity, and all the smart factories, smart homes, and smart metering systems we rely on are based on this core technology.
The key to running these systems safely is system encryption. This allows the system to operate safely, and the connected objects can also be secured before connection. In addition to encryption, web application firewalls and authentication solutions are necessary for safer PKI management throughout the entire process.
Most businesses focus mainly on increasing productivity and efficiency; however, we must remember never to neglect safety. Whenever safety was compromised in the existing IT environment, it often resulted in data leakage and financial losses. On the other hand, if we take advantage of the developing OT environment and combine it with Big Data and AI technologies, businesses will be able to create new opportunities and value, which can only be realized by securing all devices before any connection.