The Colonial Pipeline Shutdown Demonstrates How Precarious Our Critical Infrastructure Security Really Is

Greater Security Must be Applied to all Operational Technology Systems

The Colonial Pipeline shutdown, caused by a ransomware attack, highlights the precarious position of many critical infrastructures. 

The effects of the pipeline cyber incident are widespread, as 45% of the U.S. East Coast relies on it for gasoline, diesel fuel and jet fuel. Several southern states are reporting widespread gas shortages as panic buying took hold when news began to spread and the potential effects of the service interruption were better understood. 

While attention has been focused on the Colonial Pipeline, this security breach of a U.S. critical infrastructure is not the first in 2021. In February, an unknown entity gained unauthorized access to the water treatment system in Oldsmar, Florida and attempted to increase the chemical dosage in the treated water to dangerous levels. In that case, a vigilant water operator noticed something strange occurring and intervened before the utility’s customers were affected.

In 2020, Israel and Iran traded cyber ‘blows’ in April and May, with an Israeli water treatment system being impacted by Iranian hackers while the Israelis shut down service at a critical Iranian shipping port for hours.

Critical Infrastructures are an Open, Often Too-Easy Target

Incidents like these are being reported more and more each day as gangs of malicious cyber actors and nation states, using knowledge and skills they’ve developed over the past few years, actively seek out and exploit critical infrastructure control systems. 

The operational technology (OT) that makes up the bulk of the systems that monitor and control the transport of fossil fuels (like the Colonial Pipeline), electrical transmission and distribution, water and wastewater treatment, manufacturing and other industrial functions on which we rely consists mainly of legacy equipment, sometimes 15-20 years old. This equipment predates the surge in cyber activity that now targets such systems, and its age and limited technological capabilities mean it cannot protect itself; compensating controls around it are required.

In addition, organizations are relying more and more on remote access to gain improved visibility into and control over their OT systems. This functionality, while beneficial, also exposes the systems to the Internet, where they can be discovered and exploited.

All Critical Infrastructures Need Security

If you have OT systems and you’re not sure if they’re vulnerable to a cyber attack, DirectDefense can help. Our Connected Systems group has 40+ years of experience with OT and Supervisory Control and Data Acquisition (SCADA) system security design, execution and management. 

Our team of industry experts is equipped to evaluate your OT system architecture and segmentation, provide incident response services to reduce the impact of cyber incidents, and perform a complete technical assessment of your OT environment to identify areas of improvement. In addition to these services, we offer OT/SCADA real-time monitoring, properly scaled and tuned for the differences between traditional IT network environments and industrial OT/SCADA network environments. Contact us today to improve the security around the heart and soul of your critical infrastructure!