In May of last year, the Eastern European crime group DarkSide shut down the Colonial Pipeline for six days. The pipeline provides 45% of fuel for the East Coast and its shutdown left thousands of service stations without gas and pushed prices to levels that, at the time, had not been seen in years. While the crisis was resolved relatively quickly, it served as a warning of the risks of cyberattacks on critical infrastructure, especially in light of Russia’s invasion of Ukraine less than a year later.
Fortunately, the Biden Administration acted swiftly to prevent such attacks in the future. The President signed an executive order ratcheting up cybersecurity efforts, establishing Shields Up, the Cybersecurity and Infrastructure Security Agency (CISA). Government agencies were instructed to adopt a “Zero Trust Architecture.” Such a system design assumes that “anomalous or malicious activity” is “inevitable or has likely already occurred.” It also eliminates “an implicit trust in any one element” and allows online access only with “real-time” and “multiple sources” verifications. But experts warn these actions may not be enough.
The problem? The federal approach assumes IT attacks are the concern but overlooks OT-focused cyberattacks. These attacks “are not always easily identifiable or recognized at all” and “can be mistaken for accidents or malfunctions,” warns control systems engineer and cyber analyst Joseph M. Weiss.
Federal Energy Regulatory Commission Chair Jon Wellinghoff agrees, noting, “The executive order was a great step forward in coordinating federal agencies’ cybersecurity efforts under Homeland Security. But there has not been enough progress on securing operations technology.”
Sensors and other components in smart operations systems often have no capability for passwords, authentication or encryption but are still trusted for day-to-day operations. This lack of security made sense at one time since OT components were not online and thus not a target of cyberattacks. However, that’s changed. Now, without these safety features, malicious and unintentional operational disruptions can be difficult to distinguish, allowing power system cyberattacks to go unnoticed.
It’s happened before. Inadequate sensor protections created uncertainties about the cause of the 2005 Stuxnet attack on an Iranian nuclear facility and a 2008 Florida nuclear plant shutdown. Even today, there is no evidence that these facilities were victims of cyberattacks at all.
Currently, the solution is to create “unidirectional security gateways” that “segment the OT network” and aim to limit malware access between the IT network and OT devices. Still, hackers are often one step ahead, and the “zero trust” concept is compromised when unprotected sensors leave the entire network vulnerable.
How do we fix this? Industry experts recommend doubling the number of personnel dedicated to OT security. We must develop a skilled team of OT security specialists, managers, engineers, and operators. Such a team will have the skills needed to address data breaches on both OT and IT systems and respond to threats accordingly. Additionally, converged IT and OT systems can drive the adoption of more zero-trust measures and optimize today’s fragmented security practices.
Thankfully, the U.S. has not yet been a target of cyberattacks in the wake of Russia’s attack on Ukraine. But the threat remains. While we applaud the Biden Administration’s efforts to secure our energy grid, more needs to be done. Failing to act could be a disaster for our energy supplies.