Utility Joint Use Asset Management Blog

Cybersecurity Series: Manage Critical Infrastructure Risks (Part 1/5)

Written by Mary Ashley Canevaro | May 1, 2018 10:00:00 PM

As the joint use industry inches closer to a technology-based future, cybersecurity is an everyday concern. In the last few years, there have been incredible innovations in technology: the Internet of Things, Machine-to-Machine communications, smart homes, and interlinked systems. Yet, there is uncertainty and fear around the vulnerabilities of new tech, especially involving our country’s power, broadband, and communications infrastructure. This article will take a look at the recent conversation surrounding cybersecurity for joint use organizations.

Infrastructure is susceptible to threats because it has become a complex system with multiple points of access. In an ESG research survey, 68% of critical infrastructure organizations reported that they had experienced one or several security incidents over the past two years.

An urgent focus for all critical infrastructure organizations – which include power, communications, and broadband – is to examine current security vulnerabilities and standards, ensuring they comply with industry best practices to prevent potential attacks. 

 

Challenges to Protecting Critical Infrastructure
With the recent explosion of technology advancements, the joint use industry is changing. Securing a technologically advanced future requires industry-wide awareness of the historic lag in cybersecurity standards. For joint use, contributors to that lag include:
  • Aging infrastructure 
  • Using legacy equipment with well-known security vulnerabilities
  • Extremely long patch cycles
  • Extended replacement cycles
  • Limited security awareness 
  • Ineffective segmentation of enterprise IT networks from operational networks

These issues are made even more pressing by the rapidly advancing capabilities of a range of threat actors. Four key groups threaten internet security: political activists, script-kiddies, criminal gangs, and nation states. Alden’s IT Manager, David Shaddix, sat down with us to weigh in on the issue. He explains: “These four groups are all real threats to any online environment.”

Script-kiddies
According to Shaddix, this group of potential threats is “kids that have more time than they know what to do with, and enjoy breaking into things to prove that they can.” Script-kiddies wouldn’t typically target joint use or major infrastructure, but they can be a threat to anything connected to the internet if they get their hands on it.
 
Political Activists
“Activists in other countries would be most likely attacking US infrastructure,” Shaddix says, “like utilities, the power grid, and telephone, anything they can do to disrupt US culture.”
 
Criminal Gangs
This group attacks for credit cards. “They’re going after identity theft and fraud. The goal is to steal identities so that they can authenticate credit cards and spend other people’s money,” Shaddix explains. Criminal gangs are not necessarily a threat to infrastructure, but organizations should always stay alert.
 
Nation States
Nation states and other countries pose the threat of taking down the grid. Their interests are likely, but not always, political.
 
 
Recent Cyber Attacks
So far, Mother Nature remains a greater force of destruction than cyberattacks. Major storms leave tens of thousands of people without power for weeks – much longer than the impact of any cyberattack to date. The good news is that no cyberattack in the US has crippled the grid, water, communication, or other critical infrastructure system for even as long as a week. However, the fear surrounding technological advancement is that the growth of IoT may soon change that fact.

Recent cyberattacks demonstrate the growing power of threats:

Unfortunately, there’s no turning back the clock of technology. Progress must not be stopped. It continues to advance, and we must keep existing infrastructure safe while planning cybersecurity strategy for an increasingly connected system.

 

Cybersecurity Best Practices for Critical Infrastructure
Critical infrastructure such as power and communications was originally designed for reliability, not for connectivity, and as such is particularly difficult to upgrade or replace. So, what are the best practices for keeping infrastructure secure?

David Shaddix explains: “There are many ways to keep our infrastructure secure. For example, at rest data should always be stored encrypted. Multifactor authentication, like having both a password and email confirmation, keeps others from logging into software that stores data.” Shaddix also states, “either have an internal system of penetration testing or use a company you trust to do it. Penetration testing includes eliminating SQL injections or cross-site scripting. End-to-end encrypted communications is extremely important to keep anyone in the middle from listening in on your data communication.”

Here are a few basic key steps that infrastructure organizations can take to better prevent (or at a minimum detect and resolve) cyber threats:

  • Assign someone in a senior leadership position to be responsible for cybersecurity
  • Consult a trusted company that provides mitigations against top OWASP vulnerabilities, that continuously reviews new attack measures, and that analyzes any vectors that may apply
  • Train and empower security personnel to enforce proper access control, strong passwords, and remote access
  • Use appropriate equipment segregation, firewalls, and other security devices
  • Secure computer equipment and enforce policies, such as use of removable media
  • Protect the web app or platform that communicates with device end points
  • Secure the data exchanged between IoT devices and the platform

 

The Future of Cybersecurity and Critical Infrastructure
Best practices for infrastructure data will change and grow as the industry adapts to a technology-based model. Cybersecurity measures should consider the potential risks, put in place controls to mitigate those risks, and measure the effectiveness of those controls. Threats will continue to change, and joint use organizations will need to adopt a mentality of continual assessment and improvement to keep critical infrastructure safe.

Stay tuned for future posts that look closely at how changing cybersecurity needs are impacting power companies, telecommunications companies, as well as CATV and broadband providers. 

What are your current concerns surrounding cybersecurity and joint use infrastructure? Share your thoughts or questions in the comments below.