In May 2021, the pipeline systems of the Colonial Pipeline Company came under attack by cyber criminals. The attackers did not have physical access to the pipeline. They probably were not even in the country while orchestrating the attack. The attackers were identified as the DarkSide gang. The cyberattack held captive the digital control systems that controlled the pipeline systems of the company.
The Colonial Pipeline company initially paid DarkSide 75 bitcoins roughly equivalent to $4.4 million to regain access to their own systems. Fortunately, one month later the Department of Justice recovered some $2.3 million of the cryptocurrency ransom paid to the attackers.
As many know, the type of cyberattack perpetrated against the Colonial Pipeline is called ransomware. It is just one of the many ways cybercriminals can disrupt industrial workplaces.
The most famous cyberattack on a facility dates back to 2015 at a Ukrainian power plant at regional electricity distribution company Ukrainian Kyivoblenergo. The company’s computer and SCADA systems were attacked, disconnecting 30 substations for three hours. As many as 230,000 customers lost power – approximately half of the homes in the Ivano-Frankivsk region in Ukraine (population about 1.4 million). The tool used was malware known as BlackEnergy.
Digitally transformed facilities
The permeation of digital technologies in industrial facilities started in the 1960s. The invention of Programmable Logic Controller (PLC) and the development of SCADA systems brought the power of automation to manufacturing operations. The use of integrated circuits made the implementation of automation systems easier, simpler, and affordable. The rise of the internet, network technology, and cloud computing transformed automated facilities into data-driven facilities.
The new phase of industrial operations, dubbed industry 4.0, has information technology as the base layer of operational infrastructure. Machines and sensors connected to the internet or Internet of Things (IoT), record and collect all the information one needs to know about the plant operations. With the steady stream of data and digital infrastructure, complete facility management in modern industry is performed with the help of a host of digital technologies.
Cyber vulnerability in facilities
The digital transformation of industrial facilities brings many advantages such as increased operational efficiency and reducing cost. Along it comes the vulnerabilities caused due to the dependence on digital infrastructure. Before the prevalence of digital infrastructure, there was only physical access to the fixed assets and operations of the facility. A malicious actor wishing to damage the facility and company had to engage in direct and physical manipulations. This mode of attack is very visible and easy to defend.
The reliance on digital systems is altogether different, opening up many attack vectors that can be exploited. An attack vector is an opportunity, path, scenario, or method a cybercriminal can exploit to gain access to the digital systems of an organization. As the number of digital devices increases, the attack vectors increase. the IoT brings digital and network capabilities to all the devices in a facility. All these devices are potential openings for a cyber-attack. Similarly, centralized data storage in the cloud computing facility also poses another vulnerability.
The facility managers of yesterday had to only worry about fixed asset management, maintenance operations, and the physical integrity of the facilities they oversee. But modern facilities have multiplied the challenges of the facility manager. Now they must worry about the cybersecurity of the facility.
The modern facility manager must know how to defend against cyberattacks, plan redundancies after an attack, and how to recover from a cyber-attack. The multitude of ways in which a cyber-attack can be conducted compounds the difficulty of the task.
Improving security posture of facilities
The security posture of a facility is the comprehensive security status of all devices, networks, software, and people in the facility. The cybersecurity posture is an assessment of how resilient an organization or a facility is to prevent and recover from cyberattacks. For safe operations, the security posture of the facility must be robust and built on strong fundamental principles.
Many measures can be taken by facility managers to improve the cybersecurity posture of the facility. Some of the key actions to be performed to strengthen the security posture are given below.
- Conduct regular security audits of IT assets including IoT-enabled assets. This throws light on the vulnerabilities in the facilities and a roadmap to fix those can be created.
- Map the potential attack vectors for the facility. This helps to understand the cybersecurity risks the facility faces.
- Implement systems to perform real-time monitoring of all assets. It gets difficult to monitor a large number of devices and attack vectors. Solutions that integrate Machine Learning algorithms for monitoring must be employed for monitoring.
- Identify and fill the technology gaps in the IT system. In most instances, the gaps materialize as redundant systems, outdated hardware, and older versions of software. Keep the IT systems up to date.
- Employees are one of the most common vulnerabilities exploited by hackers. Regularly train employees on the basics of cybersecurity. Employees should also be taught about the basic hygiene to be kept in online interactions.
The role of facility managers is becoming challenging in modern-era facilities that are up to industry 4.0 standards. Technology advances are bringing multiple benefits in terms of productivity and efficiency; on the other hand, the implementation of tech on multiple levels and devices provides the opportunity for easy attack access to those wanting to do harm.
Facility managers must be increasingly cognizant of potential cybersecurity risks the facility faces. Effective facility management has become a multidisciplinary task where the importance of cybersecurity is increasing every day. This is by no means an impossible task and can be handled with detailed planning and accurate trends and events forecasting.
These facts only serve to illustrate the requirement for facility managers to be much more than merely team managers - and the role is likely to develop even more in the future!