Has it ever occurred to you that the plants that provide you with electricity, that indispensable resource of the modern age, could fall victim to a cyberattack? It seems somewhat unthinkable. Nevertheless, it could happen. Water treatment facilities, power plants, traffic lights and other industrial control systems are all forms of critical infrastructure that are reliant on operational technology. Governments rely on these systems for the maintenance of our society, and in the event of these systems being compromised by a cyberattack then national security could be threatened.

Everyone has heard of Information Technology, but what is operational technology? Operational technology (OT) is the term used for the hardware and software involved in industrial equipment and process assets. It is a much older form of technology than IT, and was first used for automated processes in factories and plants, which it continues to do to this day. The only difference between now and then is the level of sophistication involved.

When something requires automated management of concurrent operations, operational technology is often involved. Water treatment facilities, factories, power plants and transport systems often involve at least some form of OT. The fact that these facilities and systems are so vital to our society is what makes it so important to safeguard the technology responsible for their operation. In the event of a cyberattack, these operations could grind to a halt, causing significant disruption to our lives and enormous financial damages.

OT continues to play an ever-increasing part in manufacturing and industry, and as it does so the vulnerabilities of this technology are becoming more apparent. In a 2016 interview, Christopher Novak, director of Verizon’s Global Investigative Response Unit outlined the root of the problem, “Since so much of what lives in the OT world is so old, a lot of it was never really designed to be connected to an IT environment or be accessible remotely… There are many such challenges on the OT side that the IT world hasn’t really contemplated, or it’s not that simple of an adjustment or a fix.”

Novak is right to be concerned. The task of managing a hack involving a data breach in itself is already a big enough task – requiring servers to be wiped, IoT devices to be cleaned and systems to be restored from recent backups. When it comes down to the task of implementing these recovery techniques with a power plant or transport system, the recovery is more difficult, more expensive and more time consuming.

In the 2019 Ponemon report, “Cybersecurity in Operational Technology”, it was shown that 90% of OT organisations represented in the study had experienced at least one damaging cyberattack over the previous two-year period, with more than 60% experiencing two or more. When OT networks are breached, the downtime involved in the recovery of system functionality can lead to significant financial losses – in addition to the potential disruption to society. In that same report, 50% of organisations stated that it had been necessary to temporarily shut down operations during recovery from a cyberattack.

There are other factors, which also make the recovery of OT networks challenging, such as their complexity when compared with traditional IT networks. Then you have to factor in exposure to the elements – many OT systems are outdoors, meaning that weather events could cause interference with operating conditions. Both of these factors again increase potential recovery time while also leaving OT networks more vulnerable to physical cyberattacks.

The biggest concern in all of this is the fact that, despite OT being enormously vulnerable to cyberattacks, few nations have implemented consistent guidelines for safeguarding operational technology. Imagine the following scene: terrorists launch a successful cyberattack on New York’s traffic signals, turning every light green and causing multiple road traffic accidents with the potential of fatalities. It sounds like a surreal scenario, but it is one that is entirely within the realms of possibility.

It goes without saying that in light of all this, failure to safeguard OT systems poses a major threat to national security in any country. However, while few governments have yet to set standards for OT protection, many are finally realising the significant danger of failing to do so. The cyberattack on a Ukranian power plant in December 2015 was the first successfully executed threat on a power grid, and in November 2020 the Canadian government received intelligence reports that state-sponsored actors were likely to attempt a cyberattack on Canada’s water or electricity supplies, “to collect information, pre-position for future activities, or as a form of intimidation.”

The Solution: AGT

Defending against these kinds of debilitating cyberattacks requires the kind of 360-degree approach to cybersecurity solutions that we, at Advanced German Technology, offer our clients. When it comes to safeguarding operational technology, AGT offers solutions that are designed to protect against physical attacks, cyberattacks and future threats that threaten OT networks. Our Defend, Manage, Automate and Respond solutions will ensure that organisations can stay ahead of the curve when it comes to facing the threats that have emerged and continue to evolve. We offer end-to-end defence solutions that make use of machine learning.

Key Concepts: Sensor Biometric Identity and Multifactor Authentication

At AGT, our machine learning capabilities are improving the identification, management and analysis of sensors, enabling us to continually monitor sensor health status and foresee any potential threats. This means that SCADA operators or SOC operators can be alerted to any dangers. Through our Multifactor Authentication Process, we create obstacles that slow hackers down so that threats can be dealt with prior to systems being compromised.

Strong cybersecurity doesn’t just prevent financial losses and civil disruption – it could literally mean the difference between life and death. If you would like to upgrade the security systems that defend your OT networks, contact AGT .