Combating Rising Cyber Threats in Critical Infrastructure

Tan Chin Hua

Director, Industrial Control Systems Cybersecurity, Info-security, Electronics, ST Engineering

Businesses are more reliant on technology than ever, yet cyber-attacks are on the rise, threatening every aspect of a business. Anyone in this field will know that cyber-attacks have evolved and expanded beyond the digital realm of Information Technology (IT) into the physical world of Operational Technology (OT). The stakes have escalated. A cyber-attack on critical infrastructure has the ability to not only disrupt but destroy essential services, affecting lives.

 

Over the years, there have been numerous cyber-attacks on critical infrastructure, and gone are the good old days when we only addressed IT cyber threats. The changing threat landscape has shown that there is a need to defend the OT network as well. The impetus for the change is compelling. For cyber-attacks, it is no longer a question of IF but WHEN.

 

OT essentially refers to computing systems that manage industrial operations, and encompasses SCADA (Supervisory Control and Data Acquisition), ICS (Industrial Control Systems) and/or DCS (Distributed Control Systems). OT systems are traditionally separated from IT networks and undergo little change for years, often running on legacy systems that could be poorly protected. With the revolution of Industry 4.0, the convergence of IT and OT is imminent, and organisations should not make the mistake of viewing IT and OT as standalone issues to address. It is imperative to protect the OT environments of our increasingly interconnected critical infrastructures, to ensure the proper and undisrupted functioning of our digital economy and society.

 

A successful and coordinated IT/OT cybersecurity convergence will require close cooperation between previously siloed departments. As cyber defenders, we have to get it right every single time and protect the full scope of technology, because cyber attackers only need to get it right once. The most common types of cyber-attacks affecting OT are malware, phishing, spyware and mobile security breaches. Across the globe, organisations are left vulnerable to these attacks simply because of these four points:

- Lack of cybersecurity visibility on the OT environment

- Lack of personnel with the required knowledge and skillset

- Rapid pace of change in digital transformation

- OT network complexity

 

To combat these evolved cyber threats and challenges, organisations must take steps to improve the security posture of their infrastructure, such as implementing security tactics that have been tested and proven successful. A successful approach that we have adopted to manage OT is through an effective cybersecurity operation centre (SOC). We convert the usual IT-centric SOC into an evolved engineering-oriented SOC, which is capable of managing, detecting and responding to emergencies swiftly. With a background in engineering and a multidisciplinary mindset, we leverage an integrated framework that encompasses all the objectives of IT and Internet-of-Things (IoT), to name just a few:

- SAM (Safety, Availability, Maintainability)

- CIA (Confidentiality, Integrity, Availability)

- AAA (Authentication, Authorisation, Auditing)

With this framework, we essentially eliminate security gaps and reduce overall cyber risk to our critical infrastructures.

 

As a business owner in this field, there is a need to engage the proper expertise to design solutions that will meet your requirements while incorporating cybersecurity into the DNA of all your systems. In the colossal and complex OT environment, security is only as strong as the weakest link. When the weakest link is human, security by design is key.

 

In short, securing OT against rising cyber-attacks has emerged as one of the greatest challenges in the digital age. Organisations must continue to re-examine their OT strategy and account for the risks posed by cyber threats.