A new threat that has become of particular concern to cybersecurity agents worldwide is the attack on Industrial Automation systems that manage the infrastructure of energy and utility companies. Last May, cyber-attacks on the oil pipeline management company Colonial Pipeline co. Became known, which resulted in a significant shortage of fuel throughout the East Coast of the United States for a few days.
But another very serious case, which took place, is the attempted cyber attack on the water company of the city of Oldsmar in Florida (USA) last February. The hackers managed to gain access to the water purification management system and tried to dangerously increase the level of use of caustic soda in the purification of drinking water, which would lead to very serious poisonings. Although Fortunately the attack was averted thanks to an employee who noticed the change in regulation in time, the incident proved that a cyber attack on such systems can lead to significant natural disasters threatening even human lives.
For many years the risk of cyber-attack on Industrial Automation systems was considered quite low. This is because these systems typically operate in closed networks, isolated from the internet and the rest of the company’s information systems.
But the need to make better use of the data generated by infrastructure networks, for example, oil pipelines, smart meters and the creation of consumer products, for example, premiums and lower energy consumption in times of overload of the electrical system, as well as other digital switching opportunities. lead to a great interconnection of Industrial Automation Systems with the other systems of an organization.
To these factors is added the escalating activity of cybercrime organization that are active specifically in these sectors such as Electrum, Xenotime, Allanite and others.
The security of Industrial Automation Systems is one of the first priorities but also one of the biggest challenges in an organization. The characteristics of these systems differ significantly from the traditional information systems that support an organization’s business processes.
Their useful life is usually more than ten years, with the result that many of the systems today operate with outdated security architectures that can easily be violated. In addition, an industrial automation system needs to operate in an extensive geographical area and with data centers or sensors in various parts of the infrastructure it manages.
This often forces organizations to set up decentralized IT and security teams for these systems, a practice that has shown, however, that it usually creates a watertight and ineffective implementation of a single security framework. Therefore, it is important for the responsibility of the security officer to open the responsibility for the security of the industrial automation systems, something that is observed to be pushed more and more today by the organizations.
