In a recent vulnerability test, RedTeam Security was able to penetrate a US power grid – both online and offline – within a three-day window. A quick Google search of cybersecurity and the energy sector will return thousands of results discussing how the industrial control system (ICS) security environment is in dire straits. Many of the articles highlight how grossly negligent the entire ICS community is in providing proper security. While the threat is certainly there, the reality of the situation is not as severe and can be mitigated with a few improvements to the overall security environment.
Operational Technology (OT) and the overall security environment
Operational Technology (OT) refers to the overall set of computing systems which manage industrial processes, including the energy sector, manufacturing, water treatment plants, etc. A subset of OT is ICS, the mission-critical systems inside of Operational Technology.
ICS has the greatest effect on the general public. Generally speaking, these systems are always the first to be protected and have the attention of every government. Recently, Ukraine’s power grid hack and the attempted hack of a NY dam have brought more awareness to these issues. Outside of ICS, there are systems which still have an impact, but on a much smaller scale.
“American investigators were nevertheless disturbed because the attempt indicated that hackers could take control of computer-operated infrastructure.”
A Dam, Small and Unsung, Is Caught Up in an Iranian Hacking Case, NYTimes
OT and ICS in the Energy Sector
In the energy sector, ICS and OT are two separate entities, which have relationships but are almost always considered separately. OT systems have mostly been proprietary systems built to perform a specific function. Prior to the Internet in the mid-1990s, systems would talk across dedicated circuits. These dedicated circuits were expensive to install and maintain, which restricted the number of circuits installed. Since these were dedicated circuits, the devices used to manage the OT environment relied on proprietary communications protocols and custom equipment.
The early days of ICS were similar, until the arrival of the Internet. This opened up new doors for businesses, including the energy sector. The initial focus for networking technology was in the ICS/SCADA environment. Because of the complexity and importance of what ICS/SCADA performs, this was a necessity. The issue currently at hand is how OT is handling the advent of new networking technology at locations not always considered part of a networking environment.
The New OT
The ability to communicate over long distances in the blink of an eye is what makes networking technologies so important and useful. This is especially true in what could now be considered The New OT. While OT will always reference ICS/SCADA in the overall discussion, in today’s energy environment it is imperative to think of OT as everything outside of ICS/SCADA. This makes the needs of OT unique, hence the differences between ICS/SCADA and OT technologies.
OT technologies are the systems used to manage and maintain substations for distribution of power to districts and neighborhoods. These systems have primarily been maintained by crews of engineers responding to situations at the substations. Some rudimentary monitoring was possible through the original systems or telephone lines, but, for the most part, these systems were stand-alone and required humans to be physically present to repair them. Networking technology has changed this dynamic, allowing for remote monitoring and maintenance of these devices. With this technology come new requirements for securely operating these systems, removing the level of risk associated with network-accessible devices.
Pros/Cons of OT and IT Integration
It’s important to understand the benefits and the drawbacks of integrating a new technology in your environment.
Benefits of network-accessible OT devices:
- Quicker resolution times for minor events
- Fewer trips to remote substations
- Better monitoring of the OT environment at substations
- Cost effectiveness
Drawbacks of network-accessible OT devices:
- Lack of security in device design
- Lack of training for OT engineers (not IT focused)
- Lack of inherent IT/OT processes and procedures
- Lack of prioritization for OT matters from IT personnel
Now that we have identified the challenges in OT and IT integration, our next article will discuss how to apply the cybersecurity triangle (people, process, technology) to the OT environment and how to better prepare for the transition into a networked OT world.