Are you willing to leave the cybersecurity of your critical infrastructure unchecked? Oil and gas, water and wastewater treatment, and power facilities need to take extra care to keep their cybersecurity measures fully developed and continuously updated. The threat landscape is ever-changing and constant awareness is required to reduce the likelihood of malicious hackers gaining access to your data or control systems.
Recently, a pipeline in Texas learned a hard lesson in cybersecurity, one that we all might feel shortly with an expected surge in fuel prices due to the impact. A ransomware group calling themselves DarkSide is suspected of providing the tools to hack into Colonial Pipeline Co. and forcing the company to shut down main fuel lines. This shutdown has cut off access to more than 5,500 miles of pipeline from Texas all the way up the East Coast while Colonial deals with the digital extortion attempt. The line carries oil, gas, and fuel to many of the large distributors across the East.
Utilities today must learn to cope with constant attempts at infiltration and accept that proactive threat detection must be multi-faceted.
Detecting attacks early requires first understanding your network’s normal application behavior and traffic patterns. It also requires understanding the different types of threat hunting tactics that are available, so you can confirm you have implemented multiple layers covering the wide range of security measures.
Unsure if you have all of your layers covered? Or unsure what “normal” looks like on your network? One way to start a more comprehensive protection plan is to do a Security Posture Assessment. In a Security Posture Assessment, a technician comes on-site, collects network information from various points in your network, and reviews the cybersecurity measures currently implemented within the plant. The data is then processed through Clarity Threat Detection Software, and a report is generated that provides you, your facility, your management, and your security team with Critical Asset CVEs (Common Vulnerabilities and Exposures), Ghost Communication listings, and remediation guidance. At under $10k, it is a great starting point.
Today’s control system technologies are rapidly gaining inherent cybersecurity measures. These should be understood and implemented in the early design phases of new systems.
One of the quickest methods being developed, but still significantly underutilized, is CIP Security. CIP Security secures data in transit at the protocol level rather than relying solely on additional hardware or applications to provide protection. It seeks to embed cybersecurity into the very language and identity mechanisms that your devices use to talk to one another. It is an additional way to bolster your Defense in Depth: it authenticates endpoint identity, prevents tampering with data in transit, and can even encrypt all communications so that, if intercepted, they are useless to the interceptor. Check out this Expert Zone Blog to learn how CIP Security can protect your facility.
Whether you need to understand your current Security Posture or are looking to implement a new system and leverage all of the technology out there, there are serious steps you can take to improve your organization’s security posture. Engaging in a Security Assessment or learning about CIP Security are great next steps. Rumsey’s team has the knowledge and resources to help you collect data and move forward in minimizing vulnerabilities, but remember: it is an ongoing effort. Cybersecurity will simply never be “done.” Check out our Security Posture Services to learn about how we can help.