Human interface systems as risk

by Mark Rowe

Energy and water are two of the most central critical infrastructures (CIs), and both are heading toward more interconnected systems, especially through the integration of industrial internet of things (IIoT) technologies. This continuing development in the energy and water sectors has allowed people and businesses to enjoy a more efficient and reliable flow of resources, but it has also made it more difficult to secure each significant system behind the infrastructures. Vulnerabilities in the systems behind CIs are increasing, specifically for supervisory control and data acquisition (SCADA) human machine interfaces (HMIs), say Stephen Hilt, Numaan Huq, Vladimir Kropotov, Robert McArdle, Cedric Pernet, and Roel Reyes of Trend Micro in a recent blog. They identified a number of exposed and vulnerable HMIs.

See their report, ‘Exposed and Vulnerable Critical Infrastructure: Water and Energy Industries’. Security gaps could lead to bigger problems due to the interdependent nature of critical infrastructure sectors and, more importantly, the natural dependence of people on these infrastructures, the report warns.

Comment

Andrea Carcano, CPO and Co-founder, Nozomi Networks, said: “The challenges of protecting ICS [industrial control systems] are real. Attacks targeting critical infrastructure – from transportation systems to power, water, energy and beyond – are on the rise and there are legitimate concerns from asset operators that tackling security will impact uptime of critical systems.

“Human Interface Systems (HMI), in particular, represent a key risk for ICS security as they help human operators interact with control or SCADA systems and as a result can give cybercriminals access to the network. For example, an attack could be the result of an operator at the water utility opening a browser and clicking on an advertising link causing the malware to download to a HMI device (running Windows XP). Attackers continue to successfully exploit the human element of the chain to gain a foothold in networks, able to then navigate to the deep and secret areas of the infrastructure.

“In light of those events CNI organisations should give a high priority to re-assessing their cyber security programs, evaluate where they are in relation to government recommendations, and inform themselves about current technologies available for protection. By applying artificial intelligence and machine learning for real-time detection and response, organisations can identify operational changes that may indicate the presence of malware or other issues within industrial control systems, which are the heart of power reliability. Such real-time monitoring means utilities can rapidly discover and act to remove malicious code and the risks they pose to these environments before harm is done.”

© 2024 Professional Security Magazine. All rights reserved.
