{"id":12988,"date":"2023-08-22T11:59:01","date_gmt":"2023-08-22T14:59:01","guid":{"rendered":"https:\/\/www.fie.undef.edu.ar\/ceptm\/?p=12988"},"modified":"2023-08-22T11:59:01","modified_gmt":"2023-08-22T14:59:01","slug":"como-proteger-la-infraestructura-critica-en-la-era-de-la-computacion-cuantica","status":"publish","type":"post","link":"https:\/\/www.fie.undef.edu.ar\/ceptm\/?p=12988","title":{"rendered":"How to protect critical infrastructure in the quantum computing era"},"content":{"rendered":"<p>One of the most infamous cyberattacks on critical infrastructure, or CI, occurred in May 2021, when Colonial Pipeline was hit with ransomware. The breach resulted in the shutdown of pipeline operations, a gasoline shortage, and a spike in fuel prices. The incident illustrates the unique issues involved in cybersecurity for CI such as petroleum pipelines, power stations, electric utilities, water treatment plants, dams, ports, and mass transport systems.<\/p>\n<hr \/>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">One of the most infamous cyberattacks on critical infrastructure, or CI, occurred in May 2021, when the Colonial Pipeline was hit with ransomware. The breach resulted in the shutdown of pipeline operations, a gasoline shortage and a spike in fuel prices.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">But the attack, which targeted billing systems, didn\u2019t cause the shutdown. 
Rather, the pipeline\u2019s operators turned off pumping systems over concerns the attackers could gain control of operational technology, or OT, and place public safety at risk.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">The incident illustrates the unique issues that are involved in cybersecurity for CI such as petroleum pipelines, power stations, electric utilities, water treatment plants, dams, ports, and mass transport systems. Exploits that target IT might result in exposed data or business disruption. Attacks involving OT could result in injury, illness, or worse across cities or regions.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">That\u2019s why operators of CI manage OT differently from how typical organizations handle IT. Most enterprises continually upgrade systems, with a focus on protecting data. CI operators deploy systems once and hope not to change them for years, with an emphasis on maintaining safety.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">But OT-specific approaches are no longer adequate for safeguarding CI, for two reasons. First, OT and IT are becoming interconnected as OT becomes digitized. Second, quantum computing could soon render existing password and data encryption strategies obsolete.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">In response, CI operators should borrow approaches from IT security protocols but apply them in OT-specific ways. 
In particular, they need to conduct thorough risk assessments, embrace zero trust security, and implement micro-segmentation to safeguard CI.<\/p>\n<p class=\"heading__StyledHeading-sc-123v3ct-0 iKlOni a-heading2\"><strong>Adapting IT security to OT needs<\/strong><\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">Where IT people talk about \u201c5 nines\u201d of uptime, or 99.999% availability, OT pros think in terms of 11 nines. Both groups use the term \u201creliability,\u201d but the difference in degree becomes a difference in kind.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">It\u2019s part of why OT managers adhere to the\u00a0<a href=\"https:\/\/www.zscaler.com\/resources\/security-terms-glossary\/what-is-purdue-model-ics-security\" target=\"_blank\" rel=\"noopener\">Purdue Model<\/a>, a framework for industrial control system security, developed at Purdue University in the 1990s. The Purdue Model emphasizes segmentation of operations, processes, controls, and sensors to protect OT from cyberattacks. OT is completely isolated from IT, with the equivalent of a demilitarized zone between them.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">The Purdue Model remains a bedrock of OT security. But it\u2019s no longer sufficient, because OT properties are no longer truly separated from IT. OT systems rely on expanding networks of IoT devices. They\u2019re increasingly monitored over remote connections. Some are disconnected from the internet but connected to corporate IT. 
Others are cut off from IT but exposed to the internet.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">Today, CI needs a holistic approach to OT security that adapts traditional IT cyber practices to overcome the shortcomings of piecemeal OT protections.<\/p>\n<p class=\"heading__StyledHeading-sc-123v3ct-0 iKlOni a-heading2\"><strong>Know your OT enemies and exposures<\/strong><\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">Strengthening OT security for the quantum era starts with risk assessment. Many organizations lack a clear picture of how their OT systems are vulnerable \u2013 and the potential consequences of those vulnerabilities.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">CI organizations can leverage assessment tools designed for IT security by using these tools to identify all the resources on the network, down to the firmware level, and uncover security gaps. Keep in mind that if an assessment tool can find a resource on the network, so can an attacker.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">An effective tool should provide the organization with a risk score. But remember that the tool is likely designed for IT, not OT. The organization needs to understand how the tool calculated the risk score and then factor in OT requirements to gain a true understanding of the vulnerabilities. 
Now the CI organization can prioritize remediations based on the likelihood of attack, the sensitivity of the data, and the criticality of the infrastructure.<\/p>\n<p class=\"heading__StyledHeading-sc-123v3ct-0 iKlOni a-heading2\"><strong>Zero Trust with temporal authentication<\/strong><\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">The federal government has mandated a\u00a0<a href=\"https:\/\/www.whitehouse.gov\/briefing-room\/presidential-actions\/2021\/05\/12\/executive-order-on-improving-the-nations-cybersecurity\/\" target=\"_blank\" rel=\"noopener\">zero trust approach<\/a>\u00a0to cybersecurity, and organizations like NIST have issued\u00a0<a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-207.pdf\" target=\"_blank\" rel=\"noopener\">zero trust frameworks<\/a>. While zero trust covers multiple pillars of cybersecurity, from identities to data, the basic idea is \u201cnever trust, always verify.\u201d<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">That means authentication of any user or system that requests access to a resource should be temporary. Every entity should re-authenticate for every resource, every time it wants access. That way, a malicious actor can\u2019t break into the network and gain de facto access to everything.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">Zero trust replaces perimeter-focused, defense-in-depth security that hardens the edges but leaves the center vulnerable. It shifts the focus of security to users, which typically are the most vulnerable component of the infrastructure.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">Zero trust dovetails with risk assessment, because it\u2019s risk-based. It tailors access control to each entity that wants access. 
It\u2019s ideal for centralized, mission-critical OT systems supported by a growing number of IoT devices at the edge.<\/p>\n<p class=\"heading__StyledHeading-sc-123v3ct-0 iKlOni a-heading2\"><strong>Micro-segmentation for stronger security<\/strong><\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">The third piece of the OT security puzzle is micro-segmentation. Traditional segmentation involved roadblocks like firewalls and virtual LANs. Micro-segmentation is more sophisticated, enabling organizations to isolate any user, application, or device, no matter where it appears in the infrastructure.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">Micro-segmentation is based on identity, with the assumption of least-privilege access. For example, a developer might be granted access to a portion of the system that requires an upgrade but be prevented from accessing any other part of the infrastructure.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">In the past, segmentation required extensive planning and system upgrades that could take months to realize. In contrast, a micro-segmentation solution based on software-defined networks can be rolled out in one or two weeks. Agencies can deploy either on-prem or in the cloud, with no need to replace hardware.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\">The OT systems that control critical infrastructure involve unique security and safety requirements. But they\u2019ll increasingly intersect with IT systems and face new vulnerabilities in the quantum computing era. 
By leveraging risk assessment, zero trust, and micro-segmentation, OT operators can adapt to these challenges while maintaining their traditional focus on CI safety and continuity.<\/p>\n<p class=\"Paragraph-sc-1tqpf5s-0 kEzXdV body-paragraph body-paragraph\"><i>Darren Pulsipher is Chief Solutions Architect Public Sector at Intel Corp.<\/i><\/p>\n<p><strong>Source:<\/strong> <a href=\"https:\/\/www.federaltimes.com\/it-networks\/2023\/08\/21\/how-to-protect-critical-infrastructure-in-the-quantum-computing-era\/\" target=\"_blank\" rel=\"noopener\"><em>https:\/\/www.federaltimes.com<\/em><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of the most infamous cyberattacks on critical infrastructure, or CI, occurred in May 2021, when Colonial Pipeline was hit with ransomware.&hellip; <\/p>\n","protected":false},"author":1,"featured_media":12989,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[23,28],"tags":[],"_links":{"self":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts\/12988"}],"collection":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=12988"}],"version-history":[{"count":1,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts\/12988\/revisions"}],"predecessor-version":[{"id":12990,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=\/wp\/v2\/posts\/12988\/revisions\/12990"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=
\/wp\/v2\/media\/12989"}],"wp:attachment":[{"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=12988"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=12988"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fie.undef.edu.ar\/ceptm\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=12988"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}