Building in cyber resilience | Envirotec




A criminal cyber-attack on a UK water company in August 2022 saw hackers gain access to customer banking details, and led utilities to urgently reassess cybersecurity strategies. In this Q&A, Philippe Willems, engineering manager at Ovarro, discusses the challenge for the water sector and suppliers.

What are the biggest cybersecurity threats facing the water sector today?
The biggest cybersecurity hazard for water companies, and for all critical infrastructure companies, is an attacker taking control of their IT or OT [operational technology] systems to steal data and block or disrupt operations. Risks stem from water companies still using legacy systems which were installed many years, if not decades, ago.

These systems have minimal, if any, cybersecurity features and present a huge digital attack surface – this means there are many pathways an attacker can take to gain unauthorised access to a computer or network.

Protecting insecure legacy infrastructure can seem like a daunting challenge. The main task for water companies is to update or protect their existing systems. This requires a detailed analysis of their OT network vulnerabilities, before establishing an initial plan to protect the most vulnerable entry points for attackers.

Who is behind water sector threats and attacks, and what are their motives?
There are three main attacker types. Hackers who do it for the sake of doing it – they are perhaps the least concerning. Then there are the attackers who want to block access to computer systems using malicious software, such as ransomware, until a sum of money is paid. The most dangerous and under-the-radar, unnoticed threat comes from state-backed attackers trying to gain access to water companies, and other critical infrastructure, in what is called cyber-warfare.

What steps should water companies take to protect their systems from attacks?
First and foremost, companies must undertake a full assessment of their security systems. The correct steps can then be taken to protect these systems. Actions may include replacing existing unsecured devices with cyber-secure devices, using firewalls, or segregating IT and OT networks, to ensure any…
