Lately, we have unfortunately witnessed cyber incidents where hackers do not hesitate to endanger human lives if it benefits them. The attacks on industrial systems have proven this point pretty clearly.
What’s going on?
On the morning of February 5, an employee at the Oldsmar, Florida, water treatment plant noticed that the mouse cursor was clicking on the plant’s controls. The intruder attempted to change the level of sodium hydroxide, also called lye, in the water, moving the setting from 100 ppm to 11,100 ppm. Had the poisoned water reached the citizens, the consequences would have been catastrophic.
What does this imply?
The point to note is that the hacker intruded into the system not once, but twice. This highlights the fact that this could have been a severe cyber breach as well as a physical one. It also raises questions about the security posture of such a sensitive system.
- Eletrobras and Copel, two primary electric utility companies in Brazil, suffered a ransomware attack that forced them to suspend operations temporarily.
- The Operation Spalax campaign was aimed at Colombian government institutions and private companies belonging to the energy and metallurgical sectors.
- It is suspected that the SolarWinds breach could affect the OT systems too, resulting in damaging consequences to the physical world.
The elements of modern industrial systems are fundamental to critical infrastructure. However, OT security is often neglected, even though digital transformation has brought IT and OT systems together. Attacks on utilities can potentially lead to large-scale power outages. The Florida attack is an eye-opening incident that highlights the importance of keeping industrial networks from being exposed to external networks.
The bottom line
We are already in an era of cyber warfare, and it is only getting worse. Attacks on critical infrastructure are indisputably a national security concern. Besides, various sectors are interdependent, and an attack on one could spill over to another. The incidents listed above are very much capable of causing real-world damage, and thus cybersecurity needs to be a top concern now, irrespective of the sectors involved.