Industrial cyber attacks on water facilities have been on the rise over the past decade, culminating recently in several alarming events and even more concerning, some potentially lethal near-misses. The example at the top of everyone’s list of cyber attacks on water facilities is the attempted breach of the Oldsmar water treatment center in Florida. There are several reasons why this case has been so highly publicized:
- Water systems are amongst the most essential in terms of infrastructure. The idea of a possible breach is terrifying both for residents and officials.
- Cyber attacks on water utilities are usually associated with cyber warfare. A ransomware attack would represent a new level of danger.
- The breach of the Oldsmar plant occurred via a third-party network, highlighting the need for security throughout the entire system.
- The attack was ultimately averted, but only because of a particularly sharp-eyed employee who happened to spot the rogue cursor moving on the screen when it shouldn’t have been.
Pinpointing the problem
Cyber security for water operations should be at the top of the priority list in order to prevent the possibility of a large-scale crisis. It has, however, proved tricky to ensure the necessary level of water utilities cyber security.
There are several different factors contributing to this problem: in the case of the Oldsmar facility, old software and poor password protection was the culprit, and this issue exists in many industrial facilities, but in particular within water operations where budgets and staff are often limited.
Another contributing factor is the issue of OT vulnerabilities which has become the focus of attention for cyber security specialists. This problem has arisen as a result of the convergence of IT and OT systems.
Bringing industrial systems online allows for streamlining of services, as well as financial savings, but it also introduces the problem of a potential cyber attack, where before these vital systems were protected by their very nature of being isolated.
Understanding the specific vulnerability of U.S. Water facilities
The need for adequate ICS cyber security for water operations is universal, but there is already a gap between the security levels in larger facilities and those in smaller, rural plants.
This is particularly relevant in the United States where water operations are split into many very small locally-run facilities with minimal staff. This fragmented structure leads to a compound problem: it increases the need for the systems to be online to ensure continuity of service, but this very same solution increases exposure to cyber attack.
Simultaneously, low staffing levels means that there are very few network experts available for prevention or even reaction, let alone cyber security specialists.
Six steps to securing water operations
While it is true that the problem is complex, there are several steps that you can take to improve cyber risk management for water operations.
- Industrial systems were protected in the past because they were air-gapped from IT systems. Where possible, air-gapping and network segmentation should be used in order to minimize the possibility of a cyber attack in the first place.
- For situations where it is impractical or impossible to make use of air-gapping, a one-way-traffic system can be implemented, preventing access to the OT system from the IT network. This minimizes the number of danger spots where an intruder could gain entry into the water system itself.
- In order to reduce cyber risk for water utilities, it is essential to assess the entire system on a regular basis in order to identify weak spots and to establish a base-line so that any changes become instantly visible.
- Go back to basics: the Oldsmar breach was blamed on outdated software and poor password protection, so mitigate these problems by ensuring that IT systems are up-to-date, cyber security software is running and management is teaching staff the importance of keeping their credentials secure.
- Introduce protocols for external service personnel like a SASE system which will protect your system from a breach via a third-party vendor.
- Find out exactly where your system is likely to be targeted and implement the changes needed to optimize the cyber security for your water facility with Radiflow’s CIARA solution.
Securing your water operation with Radiflow
Radiflow will ensure that you have all the tools you need to fully protect your water and wastewater facility. A virtual digital map of your complete network highlights any weak points for you to SEE, and creates a base-line picture.
Radiflow’s CIARA industrial risk assessment and monitoring system enables you to KNOW what the problems are, and offers the opportunity to ACT to close any gaps and prevent breaches. Then, you can MONITOR on an ongoing basis, making it possible to update the security regularly in order to protect the water system and enable continuity of service.
To discover more about Radiflow’s innovative ICS solutions, contact us today and find out how Radiflow are working to protect water operations around the world,