Industrial IoT
Reports
Transportation
Utilities: Energy & Power, Water, Waste

How can essential infrastructure operators Identify cybersecurity priorities?

April 03, 2020
Identify cybersecurity priorities

As the coronavirus pandemic raises the stakes for providers of essential goods and services, recommendations for smart grid security deserve a closer look. The coronavirus pandemic has forced government officials and businessmen everywhere to think about what qualifies as an essential good or service. And as reported previously, many of the manufacturers and service providers designated as essential at this time rely on cybersecurity specialists to ensure business continuity. As a result, it has become an urgent matter for essential infrastructure operators to identify their cybersecurity priorities. But what should these priorities be?

Learning a lesson from smart grids

An article published by T&D World on March 30 offers some guidance.

The article, which was written by an analyst from Transparency Market Research (TMR), focuses on security measures for smart grids – that is, systems that collect, integrate and analyze data from information technology (IT) and operational technology (OT) to optimize the production, delivery and use of electric power. As a result, many of its recommendations and observations are specific to the power-engineering industry.

The article notes that most cyberattacks on smart grids fall into one of three categories: topology, component, or protocol. It defines these categories as follows: “Topology-wise attacks target the smart grid topology by launching a denial-of-service (DoS) attack that stops operators [from having] a full view on the power system, causing inappropriate decision-making. Component-wise attacks target field components that include the remote terminal unit (RTU). The RTU is [mostly] used by engineers to remotely troubleshoot and configure smart grid devices. Protocol-wise attacks target [attacks on] communication protocols using various methods such as false data injections and reverse engineering.”

[optin-monster-shortcode id=”dv4jqlr9fih8giagcylw”]

 

Top priorities: topologies, components, and protocols

But smart grid operators aren’t the only businesses that should be thinking in terms of topologies, components, and protocols. This three-point framework has the potential to be useful in other essential sectors as well.

For example, manufacturing plants that rely on robotics and industrial internet of things (IIoT) devices to produce essential goods are just as susceptible to topology problems as smart grids. Their performance hinges on the steady influx of operational data, and DoS attacks can block this flow. And if operators can’t count on having a complete and accurate view of their facilities, they may have trouble producing the items that are most needed.

Meanwhile, upstream oil and gas producers, which have also been classified as essential, are also vulnerable to breaches of component security. If they use RTUs to configure and monitor the systems that keep tabs on reservoir pressure and temperature, fluid dynamics, and equipment performance, attacks on field components will stymie attempts to make accurate assessments of working conditions. Such incidents would, in turn, increase the risk of overlooking irregularities that could lead to production stoppages or safety hazards.

Likewise, transportation and logistics providers (also deemed essential) have reasons to worry about problems with protocol. Many of them depend on field communications data, including but not limited to reports filed electronically by employees making deliveries and GPS data tracking the movements of fleet vehicles. As a result, violations of protocol that result in false data injection and reverse engineering of company operations have the potential to disrupt the movements of essential goods and workers.

In short, cyberattacks don’t just pose a threat to power companies; they’re also a problem for providers of many types of crucial goods and services. As such, essential infrastructure operators seeking to identify cybersecurity priorities may benefit from the work that has already been done on behalf of smart grid providers.

Jennifer DeLay Iacullo
Jennifer DeLay Iacullo is a freelance writer specializing in global oil, gas, and power engineering topics. She has covered the energy industry of the former Soviet Union, China, Africa, Latin America and North America for more than 20 years. She lives in Atlanta with her family.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Mandiant exposes APT44, Russia's Sandworm cyber sabotage unit, targeting global critical infrastructure
Mandiant exposes APT44, Russia’s Sandworm cyber sabotage unit, targeting global critical infrastructure
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations
Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations
Forescout discloses Connect:fun exploitation campaign targeting organizations using Fortinet's FortiClient EMS
Forescout discloses Connect:fun exploitation campaign targeting organizations using Fortinet’s FortiClient EMS
The Takepoint Research report indicates a significant shift towards adopting the Zero Trust model in OT, with 72% of professionals integrating it to boost security and efficiency. It highlights secure remote access as a key application, aligning with goals to reduce risk and enhance operations. Moreover, it points out the need for collaborative efforts across organizational roles to implement Zero Trust effectively, aiming to improve productivity and security.
Xage-Takepoint Research report reveals growing adoption of zero trust security in industrial enterprises
New JRC-ENISA report enhances cybersecurity standards alignment through CRA requirements mapping
New JRC-ENISA report enhances cybersecurity standards alignment through CRA requirements mapping
CSRB reports Microsoft Exchange breach by Storm-0558, urges security reforms following espionage incident
CSRB reports Microsoft Exchange breach by Storm-0558, urges security reforms following espionage incident
E-ISAC releases report on GridEx VII exercise, highlighting recommendations for grid security and resilience
E-ISAC releases report on GridEx VII exercise, highlighting recommendations for grid security and resilience
Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure
Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure
DOE must remain lead cybersecurity agency for energy sector, Energy and Commerce Committee indicates
DOE allocates $15 million to establish university-based electric power cybersecurity centers