At the onset of the pandemic, organizations rushed to deploy remote access to prevent costly interruptions and adapt their workforces to COVID-19. Unfortunately, hasty digital transformations left behind a patchwork of remote access capabilities open to exploitation, particularly in operational technology (OT) environments. As a result, we have witnessed a number of attacks on industrial operations, most recently the attack on the water treatment facility in Oldsmar, Fla.
With the growing convergence of IT and OT, connected operations face the same threats as their IT counterparts, and remote access creates a bridge for attackers into OT environments. Breaches of these systems can have widespread reach and catastrophic repercussions; in Oldsmar's case, the consequences could have been fatal.
Understanding what went wrong
In early February, an attacker took remote control of one of the Oldsmar water treatment plant's operator workstations and raised the sodium hydroxide (lye) dosing setpoint from roughly 100 parts per million to 11,100, more than a hundredfold. An operator watching the screen noticed the change and reversed it within minutes; had it gone unnoticed, the plant would have faced a major safety event.
Several weaknesses contributed. The plant's workstations ran Windows 7, an operating system Microsoft no longer supports. Investigators believe the attacker entered through TeamViewer, a desktop-sharing tool installed for remote access, by exploiting weak password protection; the plant's computers reportedly shared a single remote-access password and were reachable directly from the internet. Once inside that one Windows 7 machine, the attacker could reach the plant's operational equipment directly, all remotely.
In other words, the Oldsmar setup reflected at least four security weaknesses: an unsupported operating system, weak password protection on remote access, a general-purpose desktop-sharing tool serving as the remote entry point, and a single point of entry from which an intruder could reach operational equipment with nothing in between.
The Zero Trust approach
In scenarios like these, a Zero Trust approach to OT remote access can make all the difference. It assigns a unique identity and credentials to every user, application and device, and grants access only through a limited set of explicitly defined policies that name who may perform which action on which asset. Such an approach requires that no session be trusted because of where it comes from: a shared password or a reachable IP address is never enough, and each request is checked against identity, device and policy before it touches equipment.
Attacks on industrial control systems (ICS) and OT have risen sharply, so it is critical that organizations adopt Zero Trust, not just to protect themselves but to ensure that stakeholders across the supply chain are also secured. As malware has become more sophisticated, aggressive attacks cross traditional network boundaries and spread through IT, OT and the cloud. As the SolarWinds incident showed, such breaches can spread quietly through a trusted supplier and affect its customers and partners.
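To make the identity-and-policy idea concrete, here is a small deny-by-default authorization check for an OT remote session, written as an added illustration for this article; it is not code from the article or from Xage. The users, devices, roles, the dosing-pump asset and the setpoint bounds are all constructed for the example, and the check deliberately refuses the two things that went wrong in Oldsmar: a session from an unregistered device and a setpoint change far outside the allowed range.

```python
"""Deny-by-default policy check for OT remote access (illustrative).

Added example, not the article's or any vendor's code. Every identity,
device, role, asset and numeric bound here is constructed for the example.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

# Each human or machine identity is registered individually, together with
# the devices it may connect from. There is no shared plant-wide password.
IDENTITIES = {
    "alice": {"roles": {"operator"}, "devices": {"hmi-01"}},
    "bob":   {"roles": {"vendor"},   "devices": {"vendor-laptop-7"}},
}


@dataclass(frozen=True)
class Policy:
    role: str
    asset: str
    action: str
    # Optional (low, high) bound for actions that carry a numeric value.
    bounds: Optional[Tuple[float, float]] = None


# A deliberately small, explicit policy set. Anything not listed is denied.
# The 0-200 range is a made-up safe window for the example, not a plant value.
POLICIES = [
    Policy("operator", "naoh-dosing-pump", "view"),
    Policy("operator", "naoh-dosing-pump", "set_setpoint", bounds=(0.0, 200.0)),
    Policy("vendor",   "naoh-dosing-pump", "view"),
]


@dataclass(frozen=True)
class Request:
    user: str                   # authenticated identity of the requester
    device: str                 # identity of the client device in the session
    asset: str                  # target OT asset
    action: str                 # e.g. "view" or "set_setpoint"
    value: Optional[float] = None


def authorize(req: Request) -> Tuple[bool, str]:
    """Return (allowed, reason). The default answer is deny; a request is
    allowed only when identity, device and an explicit policy all match."""
    ident = IDENTITIES.get(req.user)
    if ident is None:
        return False, "unknown identity"
    if req.device not in ident["devices"]:
        return False, f"device {req.device!r} not enrolled for {req.user!r}"
    for pol in POLICIES:
        if pol.role not in ident["roles"]:
            continue
        if pol.asset != req.asset or pol.action != req.action:
            continue
        if pol.bounds is not None:
            if req.value is None:
                return False, "numeric value required"
            lo, hi = pol.bounds
            if not lo <= req.value <= hi:
                return False, f"value {req.value} outside [{lo}, {hi}]"
        return True, f"allowed by policy {pol.role}/{pol.asset}/{pol.action}"
    return False, "no matching policy"


if __name__ == "__main__":
    samples = [
        Request("alice", "hmi-01", "naoh-dosing-pump", "set_setpoint", 110.0),
        Request("alice", "hmi-01", "naoh-dosing-pump", "set_setpoint", 11100.0),
        Request("alice", "vendor-laptop-7", "naoh-dosing-pump", "view"),
        Request("bob", "vendor-laptop-7", "naoh-dosing-pump", "set_setpoint", 50.0),
        Request("mallory", "hmi-01", "naoh-dosing-pump", "view"),
    ]
    for r in samples:
        allowed, reason = authorize(r)
        print(f"{r.user:8} {r.device:16} {r.action:13} -> {'ALLOW' if allowed else 'DENY '} ({reason})")
```

The point of the bounds check is that identity alone is not the whole policy: even a legitimate operator on an enrolled device cannot push the setpoint to an unsafe value through the remote path, which is a far narrower grant than "anyone who knows the TeamViewer password can do anything the workstation can."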
The way forward
Organizations have often lacked the internal infrastructure and capital needed to implement Zero Trust principles. More recently, Zero Trust solutions have become more accessible, both in cost and through cloud delivery, allowing organizations of any size to implement Zero Trust properly. Products are also available that overlay new and legacy assets so that security requirements do not force costly equipment replacement. With self-configuring software, vendors now say customers can deploy Zero Trust remote access in minutes.
In today's remote-first world, organizations must embrace a Zero Trust approach as a fundamental tool to secure operations and to improve their safety, efficiency and accessibility. Otherwise, organizations will continue to suffer damaging and costly breaches. One industry estimate puts paid ransomware demands in the United States alone at as much as $1.3 trillion annually, averaging $178,000 per payment and reaching $620,000 once cleanup costs are included. Few organizations can afford such costs, let alone the reputational damage.
Duncan Greatwood, chief executive officer, Xage