Way back in 2015, I interviewed several officials working at utility companies for a column I was working on for Nextgov about why we had not at the time experienced a major attack against our critical infrastructure. There were several reasons why our nation was so protected from an attack against the power grid, the water system, natural gas pipelines, transportation control networks or any other system that is considered a part of the countrys critical infrastructure. The biggest reason was because operational technology, which among other things can help to control objects like valves and pipes in the physical world, were largely both proprietary and unnetworked.
Back in 2015, attackers needed to breach a facility like a power plant through their IT network and then try and find some connection into the OT network if they hoped to influence the physical world. And even if they were able to locate one of those rare places where IT and OT meet, they would also need to be skilled in whatever proprietary system they were targeting in the OT network.
A lot has changed since then. With many of the older workers who knew how to turn wrenches and manipulate much of the aging physical infrastructure now retiring, utilities had little choice but to increasingly network their OT functions. The advantage of doing that for critical infrastructure providers is twofold. First, it lets them easily monitor and manipulate the OT network remotely. And secondly, it allows the IT staff to take over many of the functions formerly performed by all those retiring workers. And while all that was taking place, OT manufacturers were busy streamlining their products to the point where the interface of many OT technologies gradually became little different than IT devices.
All of that is an inevitable shift in moving critical infrastructure forward, but it comes with risks. Opening up the OT network to the IT staff and remote management also potentially exposes it up to attackers.
Just last week, the Cybersecurity and Infrastructure Security Agency issued a warning about ongoing attacks being made against water treatment plants. The alert pointed out several previously undisclosed attacks made against treatment plants around the country. While most of the attacks cited in the alert involved ransomware, there have also been more serious threats launched against critical infrastructure that probably would not have been possible back in 2015.
But today, its a different world. Department of Homeland Security Secretary Alejandro Mayorkas reiterated that point during an interview with the USA Today newspaper last week, citing an incident where hackers tried to release poison into the water supply of Oldsmar, Florida.
Attackers infiltrated the OT network of a water treatment plant and attempted to change the levels of sodium hydroxide being added into processed drinking water. At low levels, sodium hydroxide can remove heavy metals from the water supply. At high levels, it can be fatal, causing severe chemical burns to anyone who drinks it or even comes in contact with contaminated water. Thankfully, in the Florida case, the extra chemicals were detected and no poisoned water reached the public.
The Gartner cybersecurity firm wrote in their blog that incidents like the Florida water treatment plant attack should be a wakeup call for better OT security. Sadly, the firm also predicts that without serious change, we are likely to see injuries or even fatalities stemming from this kind of an attack by 2025.
The attack on the Oldsmar water treatment facility shows that security attacks on operational technology are not just made up in Hollywood anymore, the Gartner blog states. The world has seen real incidents where events originating in the digital world had an impact on the physical world.
And its not just utilities that should be worried. Many of the worlds largest data centers are packed with both IT and OT devices. They could not run without air conditioning, electricity and other physical infrastructure, much of which runs as part of an OT network.
Honeywell studied this issue as part of a report entitled Rethinking Data Centers as Resilient, Sustainable Facilities. To gather data for the report, researchers surveyed facility managers across the data center sector in the United States, China, Germany and Saudi Arabia. When asked about their biggest fears, those managers cited OT cybersecurity as their third most pressing concern, with 72% saying it was a serious issue at their data centers.
It is crucial to reduce unscheduled downtime in data centers as much as possible, said Manish Sharma, vice president and chief technology product officer of Honeywell Building Technologies. Giving data center operators better insight and control of their building and OT systemsand treating them with the same importance as the critical IT systems can help to better identify efficiencies, reduce potential outages and optimize security, fire and safety procedures.
Utility operators should take the same track that data center managers have been following and will begin to put more emphasis on OT cybersecurity. Back in 2015, the threat to critical infrastructure was minimal, almost non-existent. Today, successful OT attacks are already happening. And without rapid changes in the way OT cybersecurity is prioritized and handled, there is little stopping those attacks from escalating. Its a race against time at this point, and the attackers seem to be at least a couple of steps ahead of the OT security meant to constrain them.
John Breeden II is an award-winning journalist and reviewer with over 20 years of experience covering technology. He is the CEO of the Tech Writers Bureau, a group that creates technological thought leadership content for organizations of all sizes. Twitter: @LabGuys
Read the original:
Operational Technology in the Crosshairs - Nextgov
- Report: Apple acquires French startup behind AI and computer vision technology - 9to5Mac - April 22nd, 2024 [April 22nd, 2024]
- CACI Awarded $1.3 Billion Task Order to Provide Communications and Information Technology Expertise to U.S. ... - Business Wire - April 22nd, 2024 [April 22nd, 2024]
- What is semi-automated offside technology and how does it work? - The Athletic - April 22nd, 2024 [April 22nd, 2024]
- Can technology save us from an ecological apocalypse? - interview - CyberNews.com - April 22nd, 2024 [April 22nd, 2024]
- Does LaLiga have goalline technology? What about other major leagues? - AS USA - April 22nd, 2024 [April 22nd, 2024]
- Driver Assistance Technologies: NHTSA Should Take Action to Enhance Consumer Understanding of Capabilities and ... - Government Accountability Office - March 31st, 2024 [March 31st, 2024]
- OpenAI reveals Voice Engine, but won't yet publicly release the risky AI voice-cloning technology - The Associated Press - March 31st, 2024 [March 31st, 2024]
- Nexalin Technology Full Year 2023 Earnings: US$0.63 loss per share (vs US$0.30 loss in FY 2022) - Yahoo Finance - March 31st, 2024 [March 31st, 2024]
- 'Battle for your brain': What the rise of brain-computer interface technology means for you - WBUR News - March 31st, 2024 [March 31st, 2024]
- Firsthand Technology Value Fund (NASDAQ:SVVC) Research Coverage Started at StockNews.com - Defense World - March 31st, 2024 [March 31st, 2024]
- Suzhou Anjie Technology Full Year 2023 Earnings: Misses Expectations - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Inside the shadowy global battle to tame the world's most dangerous technology - POLITICO Europe - March 31st, 2024 [March 31st, 2024]
- The Technological Pivot Of History: Power In The Age Of Exponential Innovation Analysis - Eurasia Review - March 31st, 2024 [March 31st, 2024]
- 'Women Behind the Wheel' explores the intersection of gender, culture and cars - NPR - March 31st, 2024 [March 31st, 2024]
- Shanghai Weihong Electronic Technology Full Year 2023 Earnings: Revenues Beat Expectations, EPS Lags - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- A Look At The Fair Value Of Powertech Technology Inc. (TWSE:6239) - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Weaver Network Technology Full Year 2023 Earnings: EPS Beats Expectations, Revenues Lag - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- New York City will introduce controversial AI gun detection technology amid subway crime crisis - SiliconANGLE News - March 31st, 2024 [March 31st, 2024]
- Earnings Not Telling The Story For Beijing CTJ Information Technology Co., Ltd. (SZSE:301153) - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Vontron Technology Full Year 2023 Earnings: EPS: CN0.35 (vs CN0.34 in FY 2022) - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Huawei Revenue Rises as Technology Giant Commits to Growth - Technology Magazine - March 31st, 2024 [March 31st, 2024]
- Shenzhen Fortune Trend technology Full Year 2023 Earnings: Beats Expectations - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- USPACE Technology Group Limited (HKG:1725) May Have Run Too Fast Too Soon With Recent 28% Price Plummet - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- NYC to test gun-detecting technology in subway system - SILive.com - March 31st, 2024 [March 31st, 2024]
- Cancer Treatment: 3D Printing and Scanning Technology - Surviving Mesothelioma - March 31st, 2024 [March 31st, 2024]
- Does Contel Technology (HKG:1912) Have A Healthy Balance Sheet? - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Oppo Find X7 series now supports 5G-Advanced technology with up to 10 Gbps downlink speed - The Indian Express - March 31st, 2024 [March 31st, 2024]
- DCPS receives nearly $20k in grants for technology program advancements - The Owensboro Times - March 31st, 2024 [March 31st, 2024]
- Hangzhou Electronic Soul Network Technology Full Year 2023 Earnings: Misses Expectations - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- International Business Digital Technology Full Year 2023 Earnings: CN0.07 loss per share (vs CN0.019 loss in FY ... - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Analysts Are More Bearish On Guangzhou Tinci Materials Technology Co., Ltd. (SZSE:002709) Than They Used To Be - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Daheng New Epoch Technology Full Year 2023 Earnings: EPS: CN0.11 (vs CN0.16 in FY 2022) - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Tesla offers U.S. customers a month's trial of its driver-assist technology - Reuters - March 31st, 2024 [March 31st, 2024]
- Slam Dunk Technology: How AI Is Revolutionizing The Game Of Basketball - Forbes - March 31st, 2024 [March 31st, 2024]
- China Environmental Technology and Bioenergy Holdings Full Year 2023 Earnings: CN0.03 loss per share (vs CN ... - Simply Wall St - March 31st, 2024 [March 31st, 2024]
- Vuma and Huawei team up to launch industry first 50G PON ... - Light Reading - July 15th, 2023 [July 15th, 2023]
- See What Kim Kardashian and Kylie Jenner Look Like With Aging ... - E! NEWS - July 15th, 2023 [July 15th, 2023]
- AFRL conducts swarm technology demonstration > ONE AFRL ... - afrl.af.mil - May 20th, 2023 [May 20th, 2023]
- Shell to use new AI technology in deep sea oil exploration - Reuters - May 20th, 2023 [May 20th, 2023]
- Former Google CEO says AI at 'center' of technology competition between US and China - Fox News - May 20th, 2023 [May 20th, 2023]
- Agriculture and technology combine to drive the industrys growth - Times of India - May 20th, 2023 [May 20th, 2023]
- Technology and the Skills Shortage - Financial Times - May 20th, 2023 [May 20th, 2023]
- New License Agreement Announced for Next-Generation Base ... - BioPharm International - May 20th, 2023 [May 20th, 2023]
- Orion Governance Licenses Technology from GE to Deliver Next Generation Data Governance Solution - Yahoo Finance - May 20th, 2023 [May 20th, 2023]
- World needs to be 'vigilant' as AI technology improves and ... - KTVZ - May 20th, 2023 [May 20th, 2023]
- After Losing Son, Ridgefield Mother Pushes For Technology to Prevent Hot Car Deaths - NBC Connecticut - May 20th, 2023 [May 20th, 2023]
- After last year's fan violence in Queretaro, has Fan ID technology ensured safety for Liga MX fans? - ESPN - ESPN - May 20th, 2023 [May 20th, 2023]
- Bleach: The Soul Reapers' Gigai Technology, Explained - CBR - Comic Book Resources - May 20th, 2023 [May 20th, 2023]
- Cogito Tech - Catalyzing Transformation in Global Healthcare ... - Business Standard - May 20th, 2023 [May 20th, 2023]
- Barriers to Use of Technology in Diabetes Management - Patient Care Online - May 20th, 2023 [May 20th, 2023]
- Blue technology startups presented at the inaugural Gulf Blue ... - The University of Southern Mississippi - May 20th, 2023 [May 20th, 2023]
- CureVac files expanded patent lawsuit against Pfizer/BioNTech over ... - Reuters - May 20th, 2023 [May 20th, 2023]
- Harrison Ford defends use of de-ageing technology in new Indiana Jones film: I know that that is my face - Yahoo News - May 20th, 2023 [May 20th, 2023]
- Sanwo-Olu: Nigeria needs technology to compete with likes of China - Guardian Nigeria - May 20th, 2023 [May 20th, 2023]
- Prejudice in technology, and the necessity of time: Books in brief - Nature.com - May 20th, 2023 [May 20th, 2023]
- New technology uses ordinary sunlight to disinfect drinking water ... - Stanford University News - May 20th, 2023 [May 20th, 2023]
- Incredible AI technology shows what UK cities will look like in 2050 - LADbible - May 20th, 2023 [May 20th, 2023]
- Your Firm and Your Tools - Top Technology Initiatives - CPAPracticeAdvisor.com - May 20th, 2023 [May 20th, 2023]
- Tom Hanks: I could appear in movies after death with AI technology - BBC - May 20th, 2023 [May 20th, 2023]
- Transform your career with Chief Technology Officer online course - Economic Times - May 20th, 2023 [May 20th, 2023]
- e-Learning Jamaica Technology in Education Conference Slated for ... - Government of Jamaica, Jamaica Information Service - May 20th, 2023 [May 20th, 2023]
- Andrew Maynard | What's a Luddite? From Industrial Revolution to ... - TribDem.com - May 20th, 2023 [May 20th, 2023]
- At Yale, Kaloyan Kolev used technology to create and to make ... - Yale News - May 20th, 2023 [May 20th, 2023]
- This technology could alter the entire planet. These groups want every nation to have a say. - MIT Technology Review - April 17th, 2023 [April 17th, 2023]
- The secret lives of snakes and how Georgia College uses technology to study them - 13WMAZ.com - April 8th, 2023 [April 8th, 2023]
- Technology Innovation Institute to host 2nd 'Additive Manufacturing the Future' seminar in Abu Dhabi - Devdiscourse - April 8th, 2023 [April 8th, 2023]
- Can Array Technologies Inc (ARRY) Stock Rise to the Top of Technology Sector Thursday? - InvestorsObserver - March 31st, 2023 [March 31st, 2023]
- Here's Why We Think Pfeiffer Vacuum Technology (ETR:PFV) Might Deserve Your Attention Today - Simply Wall St - February 18th, 2023 [February 18th, 2023]
- Will WM Technology Inc (MAPS) Stay at the Top of the Technology Sector? - InvestorsObserver - February 18th, 2023 [February 18th, 2023]
- Ways in which technology can enhance the abilities of law enforcement agents to assist the community - Times of India - February 7th, 2023 [February 7th, 2023]
- Meet The Titans: Google And OpenView (Microsoft) Faceoff On Chat Technology Innovation - Forbes - February 5th, 2023 [February 5th, 2023]
- MACOM Technology Solutions Holdings, Inc.'s (NASDAQ:MTSI) Stock Has Been Sliding But Fundamentals Look Strong: Is The Market Wrong? - Simply Wall St - February 5th, 2023 [February 5th, 2023]
- WVU Dept. of Ophthalmology acquires state-of-the-art technology for simulation lab - WV News - February 5th, 2023 [February 5th, 2023]
- Executive Vice President of Technology & Operations Alok Sethi Just Sold A Bunch Of Shares In Franklin Resources, Inc. (NYSE:BEN) - Simply Wall St - February 5th, 2023 [February 5th, 2023]
- Is Now The Time To Put Amkor Technology (NASDAQ:AMKR) On Your Watchlist? - Simply Wall St - January 27th, 2023 [January 27th, 2023]
- There Are Reasons To Feel Uneasy About New Oriental Education & Technology Group's (NYSE:EDU) Returns On Capital - Simply Wall St - January 27th, 2023 [January 27th, 2023]
- Technology has set us on a path toward one of two dystopian scenariosbut its not too late to save democracy - Fortune - January 17th, 2023 [January 17th, 2023]
- IonQ Acquires Entangled Networks And Locks In Quantum Networking Technology Critical To Its Future Success - Forbes - January 10th, 2023 [January 10th, 2023]
- Industrialization 3.0 - How Technology, Wall Street, And The Government Can Help The US Win In A World Of Re-Industrialization - Forbes - January 10th, 2023 [January 10th, 2023]
- Connect with aspirational India through technology and work in interest of world: Anurag Thakur to NRIs - Economic Times - January 8th, 2023 [January 8th, 2023]