As organizations expand their digital footprint, it becomes imperative to protect the security, safety & reliability, availability and integrity of their systems. Cybersecurity threats must be taken seriously and met proactively with a system-wide defensive approach aligned to the organizational needs. It is of utmost importance to understand that every component that you introduce into your infrastructure could be an entry point for an attacker into your Electrical Infrastructure making you vulnerable to a cyber attack. With the appropriate security measures, and the right supply chain strategy you can ensure the resilience of your Infrastructure.

Discover how Eaton can help you secure your business continuity. 

Why would cyber criminals attack your facility?

 

There are several objectives a hacker can have for attacking your business. There are hackers who spy into your business and could potentially have access to, or steal, sensitive data. Data - whether this is personal data or business data - is valuable and hackers can gain money by selling data to third parties. In most cases OT systems allow an easy entry point to the attackers from your OT infrastructure, they are able to hack into the IT infrastructure as a next step. There are  examples of attackers that stole credentials and gained remote access to companies network that enabled them to install malware in the IT systems and siphon data. But it is not only data that gain a cyber criminals interest. When it comes to Operation Technology a breach in the cybersecurity chain gives hackers the possibility to create fear and chaos by taking over control of your OT systems. Such a breach results in the compromise of safety and reliability of your Infrastructure. 

• Manipulation of View / Control – Manipulation of control is one of most important objectives of a Cyberattack, it can have severe impacts if command & control is compromised, it can be manipulated to bypass safety checks potentially leading to accidents. Manipulation of view is done to hide activities or to force an operator in taking actions which may cause disruptions to the operations.
• Loss of View / Control – Loss of control is an important objective for an adversary who is trying to disrupt your operations. It will prevent operator from taking actions to ensure safe operations putting lives at risk. Temporary or permanent loss of view blocks alarms, warnings and any malicious activities being carried out within the current operations.
• Establish remote access / exfiltration point – Establishing a persistent backdoor into a control network is an objective that comes with multiple rewards like data exfiltration, remote control of the OT networks. Data exfiltration is done either to steal confidential process related data or Intellectual Property to learn about a network for further advancement of attack. 
• Malware / Ransomware – Delivering Malware into the OT network or into the Enterprise IT systems by pivoting via weak OT controls is an objective that is commonly observed in attacks that are happening around the world right now. Ransomware encrypts a victim's files then demands a ransom from the victim to restore access to the data/IT asset. Higher the value of the assets taken siege, higher is the ransom. OT systems are one of the most valued assets for Industries, therefore are always within the radar of the adversaries.

There are multiple entry points - together called the attack surface -  for cybercriminals to gain access to your business and where they can interact with the system (input, output, manipulate control, elevate privilege, etc.). From an IT perspective, it is well known that hackers try to breach via email and the internet for example. But with the Internet of Things, connectivity is added to your electrical power system, your HVAC system, your machines, your fire detection system, your emergency lighting escape routing and so on. All of these electrical systems are potential targets for cybercriminals. Imagine the fear and chaos the loss of control and disconnection of systems and/or disruption of your processes would mean for your company, employees, and clients.

An effective cybersecurity strategy for facility operational technology requires a comprehensive strategy that covers People, Process and Technology. 

People

People are the weakest link in the chain when it comes to Security. Skilled attackers abuse the element of trust and make way into the systems via Social Engineering. Be aware of social engineers - hackers that enter your business through human interactions (e.g. with your employees) . Defending your organisation by training your people, vendors and internal stakeholders becomes the first line of defense. Ensure that you select trustworthy suppliers who understand the importance of Cybersecurity and have a robust Cybersecurity program.

Process

Ensure your processes consider Cybersecurity health of all the components in your Infrastructure and have defined roles, responsibilities. Ensure you have a robust Vulnerability management plan, Incident response plan and a dependable disaster recovery plan. 

Technology

Select products, systems and solutions that are designed with cybersecurity in mind and meet industry standards through its full lifecycle and are regurlarlyassessed for potential vulnerabilities and are patched the discovered Security loopholes on a regular basis. Its also imperative that your facility OT network and assets are periodically assessed for Cybersecurity.

Discover how Eaton is doing all in its power to not be the weakest link in your systems.