Op-Ed: Operational technology under attack from rising cyber security threats

Among the biggest challenges posed by these attacks is their constant evolution. Hackers become more sophisticated by the day and develop new techniques to gain access to systems and steal sensitive information faster than we can prevent them. Businesses are now contested by cyber criminals with expansive networks of talent and targets.

Nothing is sacred, and threats are also no longer confined to traditional lone-wolf hackers. We’re increasingly seeing organised actors grouping together to cause the most harm — and reap the most profits. That extends beyond the realm of IT and into the operational technology (OT) and even physical buildings that power and house Australia’s critical infrastructure (CI).

The ways hackers are gaining access are also evolving. Last year, a drone was found on the roof of a financial firm, and a few days prior to that, the drone had been used to gain access to an employee’s staff credentials and infiltrate the Wi-Fi network.

The digitalisation of OT means greater rewards and greater risks

When it comes to OT, security considerations are often seen in the context of the threat of terrorism or actions of war. It goes far beyond that. OT is integral to driving innovation and growth in Australia’s industrial sectors as well as increasingly digitalised building and construction.

The digitalisation of building systems, such as power management, fire protection, access control, and visitor tracking, increases their interconnectivity through the internet of things (IoT), leading to better connectivity between legacy systems, edge devices, and the cloud. This results in improved efficiency, cost savings and reduced human error, but it also requires stakeholders take measures to safeguard these OT and systems against bad actors.

The systems that control and monitor physical processes are often complex and weren’t inherently designed for interoperability. The systems that power the buildings and occupant experience require protections that are as or more stringent than IT, and infiltration can be even more disruptive. The challenge isn’t just the vast and unrelenting characteristics of cyber criminals, but the diversity of needs for the facilities and technologies you need to protect.

Using AI to manage the intersection of OT and IT

VIEW ALL

As OT and IT converge, cyber security teams must consider a wider scope of risk — and blend together skill sets for the most comprehensive defences.

In the case of the drone on the roof, the building and its systems became the means to access the valuable data within.

What’s more, dated OT devices that weren’t designed to be “smart” or aren’t properly protected, updated, and patched can become liabilities when connected to a building network. Adding in an application to control this may seem like a simple solution, but with a number of interoperable systems, this can quickly become complicated or unmanageable in-house. There is a growing trend for building cyber security into OT itself rather than retrofitting — a “cyber security by design” approach.

Using AI to manage the intersection of OT and IT

Fighting alone against an invisible enemy can be daunting, but the skills and processes built into OT can also be used to defend it. Automation, sensors, and data analysis are used to improve building equipment and processes and enhance occupant experience. These same tools can be embedded into cyber security responses to maximise defences.

The flexibility and self-learning capabilities of artificial intelligence (AI), including machine learning and deep learning, will make it increasingly essential for OT cyber security. AI can be used to detect previously unknown threats through deep learning and can also employ AI-based deception techniques to mislead attackers and steer them away from vital assets. This leads to a high rate of threat detection without causing alert fatigue.

Further, regulations such as SOCI are a starting point for organisations to pool their knowledge with the Department of Home Affairs and seek assistance on some of these shared vulnerabilities. For OT, having an inventory of potential risk assets helps that organisation build its defences one brick higher.

If the enemy has access to an infinite pit of knowledge and skill resources, OT providers must build their resilience in response. The skills shortage, budget crises, and the fact that OT systems have generally not been as well protected as IT systems creates a challenge to security — but not an impenetrable obstacle.

Connecting OT devices to building networks makes work processes easier, faster, and often cheaper, but security can’t be neglected, particularly for OT. The combination of cunning cyber criminals and growing skills and resource shortages means organisations must make sure OT receives the same cyber security attention applied to more traditional variants of IT.

Balancing the adoption of new technology and protection from cyber threats is crucial.

Stefanie Oakes is general manager, Asia-Pacific services, at Honeywell Building Technologies

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.