IMPORTANCE OF OPERATIONAL TECHNOLOGY

One attack on a nation’s power grid left over 225,000 households without electricity. Using spear phishing emails to gain a foothold in the network, the attackers installed malware on SCADA systems, which enabled them to trip circuit breakers and turn off the power to the utility’s customers. How can such situations be avoided?

Fundamentally, Operational Technology (OT) is the hardware and software that keeps critical infrastructure running. It often relies on IT infrastructure, however, especially when communicating with assets across different locations. Consider a system that monitors OT assets in a substation or control room but relies on a data center at a remote location: the OT assets depend on both the IT network and the data center infrastructure for communication and data processing. Looked at end to end, this produces distributed authority, where responsibility for monitoring the OT assets is shared among IT, networking, engineering and facilities staff rather than owned by a single team.

To manage critical power infrastructure, businesses employ systems such as Building Automation Systems (BAS), Building Management Systems (BMS) and Building Energy Management Systems (BEMS). Each has some degree of processing capacity and is connected to the outside world, and each falls under the category of OT networks.

OT systems and assets have long lifecycles – more than 10 years in most cases – which can leave them running outdated software on legacy hardware that the vendor no longer actively supports. Such systems are difficult to patch and therefore more vulnerable to exploitation by malicious actors. This highlights the need to select products and vendors that actively review the cybersecurity state of their products and provide updates throughout the expected lifecycle. It also highlights the need to maintain accurate inventories, continuously assess systems for vulnerabilities and weaknesses, and actively mitigate the resulting risks.

Why attack Mission Critical Infrastructure?

While most cyber-attacks target traditional IT infrastructure, several in recent years have targeted OT or Industrial Control System (ICS) networks. One attack on a nation’s power grid left over 225,000 households without electricity. Using spear phishing emails to gain a foothold in the network, the attackers installed malware on SCADA systems, which enabled them to trip circuit breakers and turn off the power to the utility’s customers. A subsequent denial-of-service attack on its call center meant those customers were unable to report the outage or receive information about it.

This particular incident shows how malicious actors can mount complex attacks on mission critical infrastructure. Motivations vary: financial reward (a ransomware attack, for example, can lock a company’s entire network until a ransom is paid); information theft, where sensitive personal, corporate and financial data is used to carry out further attacks or sold on the black market; political, military or terror objectives; or simply delaying and disrupting services. Whatever the motive, attackers must first gain access to the target’s systems, and they often launch supporting attacks (such as the call-center denial of service above) to cause disruption and delay the identification and isolation of, and the recovery from, the primary attack. Gaining access means exploiting the attack surface, the term for the sum of all entry points into a system. As illustrated in Figure 1, once inside they pivot from asset to asset, listening, learning and exfiltrating information, often lying undetected for months before taking control of the system.

Protecting mission critical systems with full lifecycle cybersecurity

Cybersecurity is a discipline of risk management, not a binary choice between ‘secure’ and ‘not secure’. Nor is it something that can be applied once and left alone, or considered at procurement and then forgotten. Instead, it must be applied across the entire lifecycle of a system, considering every asset from product selection through weekly, monthly and yearly maintenance to decommissioning. The security of a network or system is only as strong as its weakest link. Organizations should therefore practise basic cybersecurity hygiene, continuously analyze emerging threats to ensure systems remain securely deployed, keep an inventory of everything connected to their networks, and adopt a zero-trust model. The key tenets of effective cybersecurity lifecycle maintenance are:

  • Know what you have
  • Know how it’s connected
  • Know how it’s configured
  • Know its patch state
  • Know how to recover
  • Know who to contact
  • Look for overlap and efficiencies
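The tenets above become concrete once they are turned into checks that run against an asset inventory. The script below is an added example and is not code from the article or from Eaton. It reconciles an authorised inventory against the devices actually observed on the network (know what you have), records where each asset connects (know how it’s connected), compares the pulled configuration with the approved baseline (know how it’s configured), compares firmware with the vendor’s current release and support end date (know its patch state), and checks that a restore test has been done recently and that an owner is assigned (know how to recover, know who to contact). Every asset record, model name, version, date and address in it is constructed sample data, and the vendor release table is an assumed input.

```python
"""Lifecycle hygiene review of an OT asset inventory.

Added example; not code from the article or from Eaton. All asset records,
models, versions, dates and addresses are constructed sample data.
"""
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Asset:
    asset_id: str
    ip: str
    zone: str                        # where it is connected (substation, control room, ...)
    model: str
    firmware: str                    # version running on the device
    end_of_support: Optional[date]   # vendor support end date; None = not known
    config_baseline: str             # hash of the approved configuration
    config_observed: str             # hash of the configuration pulled from the device
    backup_verified: Optional[date]  # last successful restore test; None = never
    owner: str                       # who to contact; "" = nobody assigned


# Assumed vendor release table (constructed), used for the patch-state check.
LATEST_FIRMWARE: Dict[str, str] = {"RTU-A": "3.2.1", "PLC-B": "1.6.2", "HMI-C": "2.0"}

# Constructed authorised inventory.
INVENTORY: List[Asset] = [
    Asset("rtu-01", "10.10.1.10", "substation", "RTU-A", "3.2.1", date(2029, 12, 31),
          "c0ffee", "c0ffee", date(2024, 5, 1), "ops-substation"),
    Asset("plc-02", "10.10.1.20", "control-room", "PLC-B", "1.4.0", date(2023, 12, 31),
          "a1b2c3", "d4e5f6", None, ""),
    Asset("hmi-03", "10.10.2.5", "control-room", "HMI-C", "2.0", None,
          "9f9f9f", "9f9f9f", date(2024, 1, 10), "eng-team"),
]

# Constructed result of passive network discovery on the OT segment.
OBSERVED_IPS: Set[str] = {"10.10.1.10", "10.10.1.20", "10.10.9.99"}

REPORT_DATE = date(2024, 6, 1)


def version_tuple(v: str) -> Tuple[int, ...]:
    """'1.4.0' -> (1, 4, 0) so that versions compare numerically, not as strings."""
    return tuple(int(part) for part in v.split("."))


def review_inventory(inventory: List[Asset], observed_ips: Set[str], today: date,
                     max_backup_age_days: int = 90):
    """Return (findings keyed by asset_id, IPs seen on the network but not inventoried)."""
    findings: Dict[str, List[str]] = {}
    for a in inventory:
        issues: List[str] = []
        if a.ip not in observed_ips:
            issues.append("not seen on network (stale record)")
        if a.end_of_support is None:
            issues.append("support status unknown")
        elif a.end_of_support < today:
            issues.append("vendor support ended")
        latest = LATEST_FIRMWARE.get(a.model)
        if latest is None:
            issues.append("no vendor release information")
        elif version_tuple(a.firmware) < version_tuple(latest):
            issues.append(f"firmware behind vendor release ({a.firmware} < {latest})")
        if a.config_baseline != a.config_observed:
            issues.append("configuration drift from approved baseline")
        if a.backup_verified is None or (today - a.backup_verified).days > max_backup_age_days:
            issues.append("recovery not verified")
        if not a.owner:
            issues.append("no owner/contact assigned")
        if issues:
            findings[a.asset_id] = issues
    # Devices on the wire that nobody has inventoried are findings in their own right.
    unknown = sorted(observed_ips - {a.ip for a in inventory})
    return findings, unknown


if __name__ == "__main__":
    found, unknown_devices = review_inventory(INVENTORY, OBSERVED_IPS, REPORT_DATE)
    for asset_id, issue_list in found.items():
        print(asset_id, "->", "; ".join(issue_list))
    print("unknown devices:", unknown_devices)
```

With the sample data, rtu-01 is clean, plc-02 collects five findings (expired support, old firmware, drifted configuration, no restore test, no owner) and hmi-03 is flagged as a stale record with unknown support status, while 10.10.9.99 shows up as an uninventoried device. The two data sources, the inventory and the discovery result, are deliberately separate inputs: an inventory that is never checked against the network is exactly the gap the tenets warn about.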

An effective cybersecurity strategy for a facility’s operational technology must cover People, Processes and Technology. People are the weakest link in the security chain: skilled attackers abuse trust to get into an organization’s systems through social engineering techniques such as phishing, so training your people, vendors and internal stakeholders should be the first line of defence. Your processes should cover the security of every component in your infrastructure and define roles and responsibilities for both IT and OT teams; ensure you have robust vulnerability management and incident response plans, as well as a dependable disaster recovery plan. On the technology side, work with trustworthy suppliers who understand the importance of cybersecurity and run a robust cybersecurity program of their own. Select products, systems and solutions that are designed with cybersecurity in mind, meet industry standards throughout their full lifecycle, are regularly assessed for potential vulnerabilities, and are patched when vulnerabilities are discovered. Your facility’s OT network and assets should also be periodically assessed against the cybersecurity measures you have in place. The following diagram shows what full lifecycle cybersecurity looks like in practice.

Eaton OT Cybersecurity Services

We at Eaton are ready to help organizations understand and mitigate OT/ICS cybersecurity risks. We offer the following services:

  • Comprehensive risk assessment
    • In-depth architecture, threat and vulnerability analysis to determine the overall level of exposure
    • A comprehensive cybersecurity report, prepared and presented
  • Industrial network defence – 24/7 monitoring
  • Securing critical systems and data
    • Firewall to restrict unauthorized access to critical systems and provide traffic visibility
    • Unidirectional gateways that allow only one-way traffic, securely sending data from the BMS to the cloud or a third party
  • Lifecycle management services
  • Cybersecurity as a service
    • Recurring assessment of People, Processes and Technology to ensure controls don’t deteriorate over time, applying industry standards and global OT cybersecurity best practices
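The firewall and unidirectional gateway items above describe a boundary policy: nothing reaches the OT zone from outside, BMS data leaves only through one path, and everything else is denied. The script below is an added example, not Eaton’s product or code, that audits recorded connections against such an allow-list so that policy violations (an IT workstation reaching a controller, a DMZ host talking back into OT, an OT device calling the cloud directly) are surfaced from the traffic visibility a firewall provides. The zone address ranges, port numbers, log line format and log lines are all constructed assumptions for illustration.

```python
"""Zone-boundary policy audit for OT traffic.

Added example; not Eaton's code. Models a firewall between IT and OT plus a
one-way OT -> DMZ -> outside path for BMS data. Zones, ports, the log line
format and the log lines themselves are constructed for illustration.
"""
import ipaddress
from typing import Dict, List, Tuple

# Assumed zone layout.
ZONES = {
    "OT": ipaddress.ip_network("10.10.0.0/16"),    # BMS controllers, PLCs, HMIs
    "DMZ": ipaddress.ip_network("10.50.0.0/24"),   # historian / gateway receiver
    "IT": ipaddress.ip_network("10.20.0.0/16"),    # corporate network
}

# Allow-list: (src zone, dst zone, proto, dst port) -> why it is permitted.
# Nothing is ever allowed *into* OT; the only exits run through the DMZ.
ALLOWED: Dict[Tuple[str, str, str, int], str] = {
    ("OT", "DMZ", "tcp", 4840): "BMS telemetry pushed one-way to the DMZ historian",
    ("DMZ", "EXTERNAL", "tcp", 443): "historian forwards to cloud / third party over TLS",
    ("IT", "DMZ", "tcp", 443): "IT users read dashboards from the DMZ",
}

# Constructed firewall connection log (assumed key=value format, one flow per line).
LOG = """\
2024-06-01T10:00:01 src=10.10.3.7 dst=10.50.0.10 proto=tcp dport=4840
2024-06-01T10:00:05 src=10.50.0.10 dst=203.0.113.20 proto=tcp dport=443
2024-06-01T10:00:09 src=10.20.4.15 dst=10.50.0.10 proto=tcp dport=443
2024-06-01T10:00:12 src=10.20.4.15 dst=10.10.3.7 proto=tcp dport=502
2024-06-01T10:00:20 src=10.50.0.10 dst=10.10.3.7 proto=tcp dport=4840
2024-06-01T10:00:31 src=198.51.100.9 dst=10.10.3.7 proto=tcp dport=22
2024-06-01T10:00:44 src=10.10.3.7 dst=203.0.113.20 proto=tcp dport=443
"""


def zone_of(ip: str) -> str:
    """Map an address to its zone; anything outside the defined ranges is EXTERNAL."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "EXTERNAL"


def parse_line(line: str) -> Dict[str, object]:
    ts, rest = line.split(" ", 1)
    kv = dict(tok.split("=", 1) for tok in rest.split())
    return {"ts": ts, "src": kv["src"], "dst": kv["dst"],
            "proto": kv["proto"], "dport": int(kv["dport"])}


def evaluate(log_text: str) -> List[Tuple[str, Dict[str, object], str]]:
    """Return (verdict, flow, reason) for every flow in the log."""
    verdicts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        f = parse_line(line)
        key = (zone_of(f["src"]), zone_of(f["dst"]), f["proto"], f["dport"])
        if key in ALLOWED:
            verdicts.append(("allow", f, ALLOWED[key]))
        elif key[1] == "OT":
            # The one-way boundary: no zone, not even the DMZ, may initiate into OT.
            verdicts.append(("deny", f, f"inbound to OT from {key[0]} is never permitted"))
        else:
            verdicts.append(("deny", f, f"no allow-list entry for {key[0]} -> {key[1]} {key[2]}/{key[3]}"))
    return verdicts


def violations(log_text: str) -> List[Tuple[str, str, int, str]]:
    """Only the denied flows, as (src, dst, dport, reason)."""
    return [(f["src"], f["dst"], f["dport"], why)
            for verdict, f, why in evaluate(log_text) if verdict == "deny"]


if __name__ == "__main__":
    for src, dst, dport, why in violations(LOG):
        print(f"VIOLATION {src} -> {dst}:{dport}  {why}")
```

On the sample log the first three flows match the allow-list and the remaining four are violations: the IT workstation reaching a controller, the DMZ historian initiating back into OT (the direction a unidirectional gateway exists to make impossible), an external host probing OT, and a controller contacting the cloud directly instead of via the DMZ. A script like this only audits what the firewall logs; the unidirectional gateway itself enforces the direction, and the audit exists to catch paths that bypass it.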

Businesses need to be confident that the technology they buy to make their buildings work won’t leave them vulnerable to attack. Security shouldn’t be a secondary consideration for OT systems. In order to trust that their critical infrastructure is safe, it’s vital that businesses consider lifecycle cybersecurity alongside function when choosing new control systems and assets.


Ravi Kumar Ayilavarapu is an Electronics and Communication engineer. He has also done part-time management studies from IIM, Calcutta along with Master’s degree in General Management from Alliance University. Presently, he is the General Manager of Enterprise & Data Centre Business for Power Quality division of Eaton Electrical Sector. In this role, he is responsible for driving Enterprise Business in Western Region of India.
