Operational cybersecurity and the new industrial frontier

ABS Consulting's cybersecurity head Ian Bramson talks about the importance of protecting operational technology and the burgeoning industrial cybersecurity markets.

Protecting industrial infrastructure and supply chains from cybercrime has become more important than ever as the pandemic and the advent of increased connectivity have offered more chances than ever before for assets to be breached, according to cybersecurity experts.

An unprecedented increase in people working from home has led to a rise in phishing or ransomware attacks over the past 18 months, which could lead to greater opportunities for credential data loss.

A recent Verizon report analysed nearly 30,000 cyberattacks and found the vast majority were carried out for monetary gain.

Similarly, towards the end of last year, Russian cybersecurity experts Kaspersky unveiled attacks on several industrial holdings dating back to at least 2018. A member of its team later spoke to Industry Europe to discuss the importance of industrial cybersecurity and the risks it poses going into the future.

There has been an opening in the market regarding operational technology (OT) and the lack of development in this area represents both a great opportunity and a significant area for weakness within many key sectors.

"There has been a significant demand in recent years for consumers and companies to have risk and reliability consulting as well as assessments for OT security," the head of ABS Consulting's cybersecurity arm Ian Bramson told Industry Europe. "For example, we've gone to nuclear power plants who are still running their security services on 30-year old hardware."

"While there have been great strides for cybersecurity in the IT sector, security within the OT sector is not very mature and not taken very seriously," he added.

Bramson has been at the head of this new wing of the company for a few years. ABS Consulting was set up as a for-profit subsidiary of the American Bureau of Shipping (ABS) back in 1991.

Bramson, who originally worked for Siemens, said the cybersecurity arm was a recent addition, intended not only to plug a gap in the market but also to help key sectors protect their interests, adding that very few companies currently work within the OT field.

Industrial cybersecurity concerns cyberattacks that target infrastructure, which often aim either to steal data for monetary gain or to disrupt any number of operations within a nation or business.

A particularly pertinent example is the recent ransomware attack on the Colonial Pipeline - the US eastern seaboard's largest oil pipeline - which was out of operation for a week. There were concerns this could lead to a national panic in a similar vein to the early onset of the coronavirus pandemic, causing the US government to issue warnings about panic buying petrol.

Several bogus claims surfaced in the wake of the crisis of the public filling plastic bags with petrol, although many of these videos predate the attack.

Meanwhile, reports have been circulating about long lines of people waiting to stock up on gas across the entire Southern United States.

"You can attack any part of industrial infrastructure as all the key parts that make industry run are connected now," Bramson said. "Our customers will ask us, 'well, how do we protect this?' We have a suite of services we offer but we're also very active to get knowledge and awareness out there to prevent these kinds of attacks happening."

"Protection of the core of your services and production represents operational technology. Particularly for our customers, if their operations stop, it's likely they represent a core part of a supply chain. 80% of all goods are done by the shipping trade and severe disruptions here - like what we saw with the recent Suez canal blockage - can have disastrous effects on global trade and the economy," he added.

Bramson added that if major industry areas - ports, pipelines, shipping routes, power - suffer from disruptions or attacks, it can have a "direct impact" on every aspect of a supply chain, describing it as having the potential to "shut everything down".

ABS Consulting describes operational cybersecurity as a "business imperative", with industry players choosing to place a greater emphasis on protecting themselves, their profits and their operations.

Data theft within industrial cybersecurity is a relative rarity. Many attacks have more malicious intentions to cause complete shutdowns or even probing for potential terrorist attacks at a later date.

Other areas for attack include situations where supply could be slowed to allow for attackers to manipulate markets, Bramson claims.

He added that many players, particularly within older, more established industries cannot answer "the first question" regarding their own internal security systems.

He said: "Many of the customers we go to are not even aware of what they have to protect - what we refer to as 'cyber assets' in the business - things potential attackers can get to and do damage with.

"The entire process is relatively bespoke. We have to assess each situation individually, highlight their most important or most exposed assets and work from there. Basic monitoring is very important but very hard and it involves filling in any holes using native solutions. However, doing this incorrectly could shut down the entire OT system, so you have to be careful.

"For this reason, it is far safer to ensure you use OT specialists to help protect OT interests, rather than relying on the IT industry as many operations have to be built from the ground up."

"The only guarantee in this industry is that there is almost a certainty you will be attacked at some point," he added.

ABS Consulting often tells their customers to take the threat of cybersecurity easily, describing it as a form of risk management and that these kinds of protections should form a core part of any business.

The problems associated with not upgrading efficiently appear to only be a problem for older sectors, Bramson suggests.

He said: "Sectors like renewable energy have the opposite problem. They're building so quickly - they have the latest technology - but cyberattackers feed on new technologies which mean that security becomes more difficult. Increased digitalisation means more avenues for an attack which means it can be difficult to keep up.

"Regardless of what you want to call it, digital transformation, automation, Industry 4.0, Internet of Things: they each bring their own problems. Often it's pushing for increased automation - taking humans out of the loop - which means more avenues for digital attack or increasing connectivity and co-dependence and links with other units, which can also provide more opportunities for cyberattacks."

"Threats are continuing to evolve, perhaps even faster than the industry can adapt," he added.

Bramson stated all industries require some investment in operational technology, and an increased focus on what he referred to as "cyber acceptance testing", ensuring software and its security risks have been thoroughly checked to minimise risks further down the supply chain.

He stressed the importance of supply chain durability, owing to cyberattacks usually happening in areas of least resistance.

"Attacks either go through the supply or on the supply chain, and the pandemic has only made networks more complicated with increases in remote working and more connections as a whole," he said.

"Not all businesses have a wealth of resources, so even simple things such as offering training to current employees or making smaller steps or ensuring the basics are covered in protecting your company's OT infrastructure can make a huge difference," he added.

ABS Consulting has recently partnered with Obrela to increase its cybersecurity protection and output.

This partnership was made to allow both parties to get into the market quickly and begin shoring up options.

Obrela primarily covers the IT side, which combines with ABS's OT speciality to allow them to cover more ground within the computing sphere.

"They understand security operations and they've been doing it for a decade and we understand OT cyber and risk and assessment which we've been doing for several years," Bramson concluded. "It's a good combination of coming together and offering protection services. Protecting OT cyber is often a new concept in these markets and so there's no one else to offer these services."

He said: "There is more pressure through regulatory environments and increasing volumes of cyberattacks, or even market pressures through consumer demand, for companies to take their own security more seriously."

