Attacks on industrial control systems in facilities such as power stations are becoming more common, the memo added.
Elsewhere, an anonymously-sourced report claimed hackers sent emails designed to trick Irish power supply plant engineers into giving them access to – and allowing them to take down part of – the Irish grid.
While no evidence of disruption to the grid was found, the suspected attack serves as a reminder of the increasing threat to critical systems and poses a question for many IT teams and industrial engineers – are you prepared for a nationwide attack?
Addressing the air gap
Some of the biggest challenges to securing critical infrastructure are the industrial control systems (ICS) which underpin their operation, as many run using legacy systems. In some cases these can be more than 10-15 years old and are often incompatible with more state-of-the-art security systems and IT developments. Due to their long life-cycle, it’s notoriously difficult to keep ICS secured against the ever-changing and sophisticated ‘threat landscape’.
A solution to address this, which has frequently been employed in the past, is to create an ‘air gap’. This ensures that critical control systems do not interact with or connect to internet systems in any way. Previously this was easy to practise, but today’s industrial organisations are desperate to keep pace with digital transformation and take advantage of the benefits this can deliver. This results in the air gap being removed and modern ICS networks being connected to both the wider enterprise and third parties, opening up vulnerabilities and new pathways for attacks.
Fighting cybercriminals from the inside
It’s becoming increasingly important that operators in critical industries look to adopt strategies that enable the modernisation of operations through securing legacy systems.
Only recently, the NCSC warned that the UK’s most critical industries must increase their cybersecurity defences or organisations could face fines of up to £17m. A simple, straightforward reporting system will be set up to make it easy to report cyber breaches and IT failures so they can be quickly identified and acted upon.
Cybercriminals across the globe are continually developing their strategies and coding, as well as behaviour, to stay ahead of market defence strategies. To attack critical infrastructure, they often target employees, using tactics that look for vulnerabilities such as weak password storage and unsecured remote access pathways, as well as social engineering campaigns and malware installed on USBs.
With certain state-sponsored hacking groups’ focus on the military, financial and energy sectors, it is paramount that organisations in these areas deploy solutions that help prevent these attacks. Integrating regular and up-to-date security training to educate employees will ensure they are aware of the most recent tactics used to target systems and what can be done to prevent them.
In addition, implementing solutions to ensure that employees only have access to areas of the network and devices that their role requires can mitigate these types of attacks. This sounds simple, but in reality it is an often overlooked area.
Using privileged identity and access management tools, organisations can discover and manage their privileged credentials and control what both third-party and internal users can access on the network. In addition, they provide an auditable history of what was accessed and any updates made during any sessions.
This not only secures access to ICS on an ongoing basis and removes attack pathways, but also empowers teams to identify and act on any potential untoward behaviour.
Looking to the future
While automation and other modernisation strategies are necessary for organisations to improve efficiency in different areas and maintain competitive advantages, they must also ensure their IT infrastructure and operations remain secure. Organisations must not look to ‘rip and replace,’ but implement practical approaches to secure existing legacy systems and safeguard future investments.
With new industry regulations and standards being implemented, it’s crucial for organisations to recognise and address the risks that connected systems introduce, looking at long-term solutions that secure ICS and critical infrastructure while enabling modernisation and improving efficiencies.
Content published by Professional Engineering does not necessarily represent the views of the Institution of Mechanical Engineers.