COMMENTARY
Within the realm of cybersecurity risk, the obscure dark corner of the room is operational technology (OT). This is the space where computers and physical function come together: opening and closing valves, flipping breakers, stamping metal, and changing the temperature in your house from an app on your phone. It is also a place that most IT professionals and cybersecurity practitioners shy away from and regard as "that stuff over there we don't really understand."
The Lack of Attention on Operational Technology Attacks
The cyberattacks that make the headlines usually affect consumers directly. Historically, these targeted financial systems, hospitals, credit agencies, and occasionally government entities. What is less common to see is public acknowledgment of a cyberattack against true critical infrastructure. Stuxnet was one of the very first, but so much of it was shrouded in the mystery of espionage that it did not have a major psychological impact on most of the world's population. In contrast, the 2021 Colonial Pipeline attack caused widespread fuel shortages, highlighting the severe potential impact of such attacks (the ransomware hit the company's IT systems, and the operator halted pipeline operations as a precaution, which is itself a lesson in how tightly coupled IT and OT have become). Yet, only three years later, it has faded from public memory. Similarly, attacks on small water utilities in Pennsylvania and Texas received little public attention.
Why are people not more focused on securing operational technology, then? Perhaps it is a lack of awareness and a bit of awe at how much control computers can have; however, the OT space is not new technology. Many of the components in an OT environment can be decades old. Even so, seasoned network engineers and IT administrators alike may not fully understand OT communication protocols (Modbus, DNP3, and the like), many of which were designed for reliability on isolated networks and carry no authentication of their own. That knowledge gap makes cyberattacks in this space both more feasible and, at the same time, less discussed.
Reimagining OT Security
How do we manage risk and protect the often-ignored underbelly of IT: the infrastructure that keeps the lights on, the water clean, medicine available, and manufactured products flowing, all of it driven by OT?
Protecting this infrastructure is not overly complex. Here is what is needed:
- A solid risk management plan
- Visibility into what is happening in these environments
- The ability to understand what is normal, so we can tell when something is not
- Documentation of what is supposed to communicate in OT environments, and how and where that communication should occur
- Protective mechanisms that will actually work in the environment
- A solid patch and vulnerability management program
- Secure and monitored remote access
If it is that simple, why has protecting this infrastructure been so difficult globally? The primary issue is that the available tools are either tailored for IT systems, or designed for OT systems but lacking the integrations IT staff need to monitor them. SIEM tools, essential for monitoring network communications and rogue activity, increasingly need to interface with cloud services, something OT environments avoid (a properly segmented OT network has no direct path to the Internet). Consequently, protective tools like CrowdStrike cannot be fully utilized. Even where an endpoint vendor partners with an OT monitoring vendor such as Claroty or Dragos, the integration still involves a proxied connection out to the Internet.
Proposing Solutions, Highlighting Roadblocks
There are several strategies that can be applied successfully to manage risk in these environments.
The first is to have a thorough understanding of what information needs to flow, in which directions, and what portion of it needs to reach the outside world. Repeatedly we encounter scenarios in which there is technical documentation about the operational side of the design, but no up-to-date information about what data is flowing where and how it is being used. The second is that most of the tools used for visibility in this space require specific network configurations.
These tools rely on network traffic analysis, because it is not usually possible to install traditional antivirus or endpoint protection software on the devices that exist in the OT space. That means there must be a mechanism to route the traffic to the inspection points, typically a mirror (SPAN) port or a network tap feeding a passive sensor. Most of these networks were designed for resilience and uptime, not for cybersecurity, so reconfiguration is often necessary to route traffic along a path that allows for inspection. These network resegmentation projects take a lot of time, are typically expensive, and run the risk of operational downtime, which is something no OT environment can usually tolerate.
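As an added example, not code from the original commentary: the check below turns the "documentation of what is supposed to communicate" into an allow-list that a passive sensor's flow records can be audited against, so that "what is normal" becomes something testable rather than tribal knowledge. The asset addresses, the allow-list entries, the flow-record format and the sample flow lines are all constructed for illustration and describe no real site or product.

```python
"""Audit OT flow records against a documented communication allow-list.

Added example, not code from the original commentary. Addresses, rule
entries, the flow-record format and the sample flows are all constructed
for illustration; nothing here describes a specific site or product.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    """One documented conversation: initiator range -> responder range."""
    name: str
    src: str    # CIDR of the side that opens the connection
    dst: str    # CIDR of the side that answers
    proto: str
    dport: int


# Constructed allow-list: who is supposed to talk to whom, and how.
ALLOWED = [
    Rule("HMI polls PLCs (Modbus/TCP)", "10.10.1.0/24", "10.10.2.0/24", "tcp", 502),
    Rule("Engineering workstation programs PLCs", "10.10.1.50/32", "10.10.2.0/24", "tcp", 44818),
    Rule("Historian pulls tags from HMI server", "10.10.3.10/32", "10.10.1.0/24", "tcp", 1433),
]

# Constructed OT address space; anything outside it is "the outside world".
OT_NETWORKS = [ip_network("10.10.0.0/16")]


def _in_ot(addr: str) -> bool:
    return any(ip_address(addr) in net for net in OT_NETWORKS)


def _matches(rule: Rule, src: str, dst: str, proto: str, dport: int) -> bool:
    # Direction matters: a PLC opening a connection to the HMI is not
    # the same conversation as the HMI polling the PLC.
    return (ip_address(src) in ip_network(rule.src)
            and ip_address(dst) in ip_network(rule.dst)
            and proto == rule.proto
            and dport == rule.dport)


def classify(src: str, dst: str, proto: str, dport: int) -> tuple[str, str]:
    """Return (verdict, reason) for a single flow."""
    for rule in ALLOWED:
        if _matches(rule, src, dst, proto, dport):
            return "allowed", rule.name
    if not _in_ot(dst):
        return "alert", "OT asset initiated a connection to an external address"
    if not _in_ot(src):
        return "alert", "external address initiated a connection into OT"
    return "review", "undocumented flow between OT assets"


def parse_flow_line(line: str) -> dict:
    """Parse the constructed format: <ts> <src> <dst> <proto> <dport> <bytes>."""
    ts, src, dst, proto, dport, nbytes = line.split()
    return {"ts": ts, "src": src, "dst": dst, "proto": proto,
            "dport": int(dport), "bytes": int(nbytes)}


# Constructed flow records, as a passive sensor on a mirror port might emit.
SAMPLE_FLOWS = """\
2024-05-01T10:00:01Z 10.10.1.20  10.10.2.7    tcp 502   4120
2024-05-01T10:00:05Z 10.10.1.50  10.10.2.7    tcp 44818 9822
2024-05-01T10:00:09Z 10.10.2.7   203.0.113.9  tcp 443   1580
2024-05-01T10:00:12Z 10.10.1.20  10.10.2.7    tcp 22    2210
2024-05-01T10:00:20Z 192.0.2.15  10.10.1.50   tcp 3389  77310
"""


def audit(text: str) -> list[dict]:
    """Classify every flow line; returns the records with verdict and reason."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        flow = parse_flow_line(line)
        verdict, reason = classify(flow["src"], flow["dst"], flow["proto"], flow["dport"])
        findings.append({**flow, "verdict": verdict, "reason": reason})
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_FLOWS):
        print(f"{f['verdict']:8} {f['src']:>12} -> {f['dst']:<12} "
              f"{f['proto']}/{f['dport']:<5} {f['reason']}")
```

Two design choices matter here. The rules are directional, because an HMI polling a PLC and a PLC opening a connection back toward the HMI are different events even on the same port. And any flow that crosses the OT boundary in either direction is escalated to an alert rather than a review item, which is the concrete form of the "secure and monitored remote access" requirement above: an engineering workstation being reached from an outside address is exactly the kind of session that should be visible the moment it happens. The caveat is that a flow-level allow-list says nothing about what a permitted session actually did inside the protocol; that is where OT-aware protocol parsers on the same mirrored traffic come in.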
The First of Many Bottom Lines
The urgency to secure our critical infrastructure cannot be overstated. Our critical systems can be protected against looming threats by embracing a proactive approach, investing in education, and fostering collaboration between IT and OT professionals. The cost of inaction is too high: our water, power, and safety depend on our ability to safeguard these essential technologies.
Is our water safe to drink? The answer lies in our commitment to securing the unseen, often-ignored underbelly of our technological world. Only through vigilance and dedicated effort can we ensure the safety and reliability of our critical infrastructure for the future.