Hackers are after your Water and Wastewater Network – Big or Small!

Credit to Author: William Moulton| Date: Tue, 15 May 2018 19:52:20 +0000

“Ours is too small” you say. Is it?

For a second, let’s consider what these cybercriminals stand to gain from you: financial, data (operational, client, etc.), bandwidth, processing, and power. You likely thought of the first few – but have you considered how much processing power you could also be offering?

Why would processing, power and bandwidth be of interest? Cryptocurrency mining. It’s a constant game of measuring energy input (processing power) versus output of mined currency value. You also must consider the hardware costs involved with having specialized equipment to carry out the mining tasks.

Hackers are targeting corporations, utilities, and municipalities that have extensive processing abilities in place to run their business or service. With access to these power, processing and bandwidth resources, hackers can remove the expense side of their profit calculations, where regardless of the cost of energy to mine, when it’s free, it will always be worth it.

Water & Wastewater utilities are at a particular disadvantage because there are always so many distributed assets that need to be monitored and controlled. With the ever-increasing downward pressure on expenditures, utilities must rely on remote monitoring in order to make the most effective use of their resources. These distributed assets, will typically have some kind of edge node(s) and communication path back to the Supervisory Control and Data Acquisition (SCADA) system.

Because these systems sit on the edge of the network, that opens them to the most risk for intrusion. Should we shut it all down, go off-grid, and revert to paper records? No. There are awesome advantages to having smart connected infrastructure, and they can empower your utility to realize true gains. With that to gain, special consideration needs to be given to the edge nodes and network that is going to be deployed at the edge.

So, what steps should you take to protect your Water & Wastewater network? Get to know the manufacturer of the hardware and software you choose. Using a defense-in-depth approach to all layers of your edge network starting from your connected products, your edge control, and the smart software that gives you your operational advantages can also offer you confidence that your system is secure. The cybersecurity story is not a destination, it is a journey that needs constant attention and will continue to evolve.

We are living in a time where automation hardware obsolescence speed is increasing – not because the hardware or software is failing – but because of the system’s ability to cope with next generation cybersecurity features, communication standards, and its ability to be compatible with security patches.

There are many reasons that a hacker would target a Water and Wastewater utility, with one of them being a cheap way to generate cryptocurrency. You can operate in a cybersecure way without completely disconnecting from the world – observe a defense-in-depth approach and a manufacturer that understands cybersecurity and its application in #SCADA & Telemetry networks.

We have a dedicated Cybersecurity services team, and SCADA & Telemetry expertise to help you on your journey of operating a robust and secure Water & Wastewater Network. If you have questions or want to discuss this topic further, feel free to leave me a comment below.

The post Hackers are after your Water and Wastewater Network – Big or Small! appeared first on Schneider Electric Blog.

http://blog.schneider-electric.com/feed/