The industrial revolution of the 18th century was famously invoked by a step up in technology. Industries which had traditionally relied on work by hand started to embrace a new future of machine use to dramatically enhance output levels, efficiency and financial return.
Comparatively, the twenty-first century has seen a similar revolution, particularly in critical national infrastructure industries, where IT has been and is increasingly being used to control, maintain and modify their output. With our reliance on critical infrastructure increasing and their levels of IT connectivity growing, the security of those services is imperative to maintain availability.
In this blog, we will introduce Operational Technology (OT) and the security of it, through five key facts:
1) What is operational technology?
Technology described as operational technology refers to a computing system which is used to manage industrial operations such as production line manufacturing, mining operations control, oil and gas monitoring to name but a few. As an example, think of your local or national electricity distribution authority. They will have computerised systems which can monitor the demand for electricity and respond to that demand by re-distributing or using contingent supplies.
2) Critical national infrastructure
In the UK, critical national infrastructure is divided into thirteen sectors by the CPNI (Center for the Protection of National Infrastructure). These sectors are:
- Civil nuclear communications
- Emergency services
3) Operational technology security is difficult to maintain
Operational technology solutions can be highly vulnerable to exploits for a number of reasons. For example, they often are proprietary systems which receive no updates or continued development. In cases where they are built on a commercially available platform or operating system, the software itself usually requires older versions of those platforms due to dependencies, which themselves are also vulnerable. Some operational systems are noted as being as old as ten years with little to no modification or update.
4) Ransomware attacks have targeted operational technology systems
Ransomware and other availability threatening attacks have huge implications for operational technology systems, which could render entire solutions unavailable. There have already been notable cases of attacks, such as the ransomware attack on a large-scale Brazilian electricity provider, whereby four terminals were locked out by the CryptoLocker variant.
5) The problem of OT cyber attacks is widely acknowledged
Operational technology system owners and operators have been aware of this problem since the early 1990s. However, with cyber attacks growing in frequency and impact; and with their systems operational value becoming increasingly important, the risk is starting to outweigh the ability to ignore.
Conclusion: The Challenging Road Ahead
For operational technology system owners and operators, the desire to update, upgrade and secure is met with significant challenges. The downtime of critical functions and systems in order to upgrade and secure is undesirable and in some cases impossible due to third-party reliance. Take for example the national water supply, cutting off a communities water supply to replace or upgrade an operational technology system may be considered unacceptable.
Whatever the solution, the white elephant in the room is becoming harder and harder to ignore. The WannaCry ransomware variant, which wreaked havoc globally in the summer of 2017 was indiscriminate in its targets, including both personal PC's and those used by businesses to control processes and systems. Both Maersk and the UK's NHS are perfect examples of organisations whom were interrupted as a result.
More of a shot through the hull, rather than across the bow; yet never the less a warning of the shape of things to come.