In May 2021, the pipeline systems of the Colonial Pipeline Company were attacked by cyber criminals. The attackers had no physical access to the pipeline. They probably weren’t even in the country when they orchestrated the attack. The attackers have been identified as the DarkSide gang. The cyber attack trapped the digital control systems that controlled the company’s pipeline systems.
Colonial Pipeline initially paid DarkSide 75 bitcoins, equivalent to approximately $4.4 million, to regain access to their own systems. Luckily, a month later, the Justice Department recovered about $2.3 million of the cryptocurrency ransom paid to the attackers.
As many know, the type of cyber attack against the Colonial Pipeline is known as ransomware. This is just one of many ways cybercriminals can disrupt industrial workplaces.
The most well-known cyber attack on a facility dates back to 2015 at a Ukrainian power plant owned by the regional power distribution company Ukrainian Kyivoblenergo. The company’s computer and SCADA systems were attacked, shutting down 30 substations for three hours. Up to 230,000 customers were lost – about half of the households in the Ivano-Frankivsk region of Ukraine (approx. 1.4 million inhabitants). The tool used was malware called BlackEnergy.
Digitally transformed facilities
The penetration of digital technologies into industrial plants began in the 1960s. The invention of the programmable logic controller (PLC) and the development of SCADA systems brought the power of automation to manufacturing operations. The use of integrated circuits made the implementation of automation systems simpler, easier and more affordable. The rise of the internet, network technology and cloud computing transformed automated facilities into data-driven facilities.
The new phase of industrial operations, referred to as Industry 4.0, has information technology as the base layer of the operational infrastructure. Machines and sensors connected to the Internet or the Internet of Things (IoT) record and collect all the information that one needs to know about plant operations. With the constant flow of data and digital infrastructure, the complete facility management in modern industry is carried out with the help of a variety of digital technologies.
Cyber vulnerability in facilities
The digital transformation of industrial plants brings many benefits such as increased operational efficiency and cost reduction. Added to this are the vulnerabilities that arise from the dependency on the digital infrastructure. Before the proliferation of digital infrastructure, there was only physical access to the facility’s fixed assets and operations. A malicious actor wishing to damage the facility and the company had to perform direct and physical manipulations. This type of attack is highly visible and easy to defend against.
Dependence on digital systems is completely different and opens up many attack vectors that can be exploited. An attack vector is an opportunity, path, scenario, or method that a cybercriminal can exploit to gain access to an organization’s digital systems. As the number of digital devices increases, so do attack vectors. The IoT brings digital and networking capabilities to all devices in a facility. All of these devices are potential openings for a cyber attack. Similarly, the centralized data storage in the cloud computing facility presents another vulnerability.
Yesterday’s facility managers only had to worry about asset management, maintenance, and the physical integrity of the facilities they oversee. But modern facilities have multiplied the facility manager’s challenges. Now they have to take care of the cybersecurity of the facility.
The modern facility manager needs to know how to defend against cyberattacks, plan for layoffs after an attack, and recover from a cyberattack. The variety of ways a cyber attack can be carried out increases the difficulty of the task.
Improving the security posture of facilities
A facility’s security posture is the overall security posture of all devices, networks, software, and people in the facility. Cybersecurity posture is an assessment of how resilient an organization or facility is to preventing and recovering from cyberattacks. To operate safely, the security posture of the facility must be robust and built on strong fundamental principles.
Facility managers can take many actions to improve the facility’s cybersecurity posture. Some of the key actions that need to be taken to strengthen the security posture are listed below.
- Conduct regular security audits of IT assets, including IoT-enabled assets. This sheds light on the weaknesses in the facilities and a roadmap to address them can be created.
- Map the potential attack vectors for the facility. This helps to understand the cyber security risks that the facility faces.
- Implement systems for real-time monitoring of all assets. It becomes difficult to monitor a large number of devices and attack vectors. Monitoring must employ solutions that integrate machine learning algorithms for monitoring.
- Identify and fill the technology gaps in the IT system. In most cases, the gaps manifest themselves in redundant systems, outdated hardware and older software versions. Keep IT systems up to date.
- Employees are one of the most common vulnerabilities exploited by hackers. Regularly train employees on the basics of cybersecurity. Employees should also be educated on basic hygiene to be observed when interacting online.
The role of the facility manager is becoming increasingly demanding in modern facilities that comply with Industry 4.0 standards. Technological advances bring numerous benefits in terms of productivity and efficiency; On the other hand, the implementation of technology on multiple layers and devices offers the possibility for easy attack access for those who want to cause damage.
Facility managers increasingly need to be aware of potential cybersecurity risks facing the facility. Effective facilities management has become a multidisciplinary task, with the importance of cybersecurity increasing every day. This is by no means an impossible task and can be accomplished with detailed planning and accurate forecasting of trends and events.
These facts only reinforce the claim that facility managers need to be much more than just team managers – and the role is likely to evolve even further in the future!