According to the findings of the latest Sectrio Threat Landscape Report, water and wastewater treatment facilities are among the most attacked sub-segments within critical infrastructure globally. Attacks on these facilities grew 156 percent in H1 2021, underscoring the need to improve security and deploy more robust measures to prevent breaches and attacks from succeeding.
Earlier in the year, a team from Sectrio interacted with cybersecurity leaders representing the sector. In our discussions, they identified the following as the most important challenges the sector faces from a cybersecurity perspective:
- Lack of an integrated approach to securing various infrastructure components that are based on diverse technologies
- Identifying vulnerabilities and ways to combat them
- Micro-segmentation of networks to prevent lateral movement of malware
- Early detection of rogue assets and unauthorized activity
- Operating with contextual and relevant threat intelligence
- Sporadic, low-key anomalous activity being largely ignored (this could be non-persistent reconnaissance by malicious actors)
Over the years, state-backed APT groups have fine-tuned their activity to slip below the radar of traditional perimeter-focused security measures. Water and wastewater treatment facility operators, however, have not upgraded their security measures to keep up with such trends.
So what can be done by plant operators to secure their infrastructure?
An ideal approach should start with visibility. Cybersecurity teams should also proactively find and fix vulnerabilities before threat actors can try to exploit them. Plant operators also need to put in place a comprehensive risk management effort with the following components:
- Hackers often strike when plants are in the process of upgrading their infrastructure or adding new devices or assets. Before the new segments come online, the infrastructure as a whole should be tested for new vulnerabilities, open ports, and rogue devices
- Prioritize OT cybersecurity and align the outcomes with your threat and risk exposure levels using threat modeling
- Use OT and IoT cybersecurity solutions to gain visibility into operations from a cybersecurity standpoint and to identify anomalies
- Identify connected assets, networks, and the overall digital footprint of your operations
- Establish access control through multi-factor authentication
- Enforce micro-segmentation across technology streams
- Collect passive data from the OT environment across devices and networks
- Use rich threat intelligence to detect threats
- Check the security certifications associated with OT and IoT devices
- Work to understand how IT risks can impact OT and vice versa
- Streamline audits and compliance measures to ensure that vulnerability assessment and remediation are conducted frequently across all environments