Utility companies are the latest targets of sophisticated cyberattacks. To reduce risk and enhance preparedness, consider the tips Brandon Shopp offers below.
For the better part of the past decade, utility companies have been more concerned with the potential for outages than with cyberattacks, but this has changed over the past several months. The Colonial Pipeline ransomware attack and the remote cyberattack on a Florida water treatment plant put cybersecurity top-of-mind and made it clear that hackers can do real-world damage.
What exactly can utility companies do to ensure they’re keeping their infrastructure safe and (literally) keeping their customers’ lights on?
Utility companies understand they need to upgrade aging infrastructure, but many don’t have the time or budget to do so—and certainly not quickly. This challenge is compounded by the fact that much of the technology on which utilities rely is highly proprietary, with different custom protocols and regulations for each industry.
And yet, there are some strategies utility companies can employ today to protect themselves.
Focus on the entire network, including connected devices and sensors. It’s not enough for utilities to simply monitor their on-premises networks. They must have insight and observability into the entire network—including remote assets at the edge—and must be able to monitor every endpoint and all remote systems, so they can detect anomalies across their entire infrastructure and map incidents back to their point(s) of origin. This is the only way to effectively protect infrastructure and minimize the potential attack surface.
Set up intelligent early warning systems. The Colonial Pipeline incident underscores the need for early warning systems capable of automatically detecting anomalous network activity and alerting administrators to it. Artificial intelligence (AI) can be used to monitor potential intrusions, intelligently discern activity posing a true threat to the facility, and proactively alert administrators. AI can also be configured to respond to threats automatically and implement mitigation measures when a specific event occurs.
Analyze performance across the entire IT infrastructure. Cyberattacks are not the only threats. Other events—routine network slowdowns, congestion, storage system hotspots, and, yes, network outages resulting from an attack—can all contribute to an organization’s inability to provide electricity, water, or other essential services.
It’s important for administrators to analyze performance across all aspects of their IT infrastructure, particularly when a suspected problem arises. Being able to simultaneously and automatically analyze performance across the network, storage, servers, applications, and more is critical to maintaining functioning and reliable service.
Given the urgency and gravity of the situation, utility companies must do everything they can to protect themselves and, by extension, their customers. Yes, upgrading aging infrastructure is vitally important, but absent this, organizations can—and must—take immediate steps today to bolster their cybersecurity defenses.
Read the full POWER Magazine Insider article here.