A recent network hack intrusion out of the City of Oldsmar FL illustrates the importance of a solid network security protocol within operational technology systems. In the Oldsmar case, an unknown hacker gained access to the city’s water control SCADA system and attempted to “poison” the water supply by increasing the levels of sodium hydroxide present in their treated water.
Stories like this, and others, detailing unauthorized access into control systems and networks, are scary and becoming more common. With the proliferation of internet-connected devices and cloud services/infrastructure, a multifaceted, multidisciplined approach is required. For years, Enterprise Automation has been securing OT industries, especially municipal water and wastewater, by creating and maintaining complex OT/IT cybersecurity integrations.
In this particular story, numerous methods could and should have been in place to prevent and isolate the threat. Some examples:
- User restricted remote access with individualized access credentials and two-factor authentication.
- Setpoint limit control, thereby preventing unsafe operation levels
- Physical separation or timeout of remote connections
- Utilizing dedicated remote access hardware purpose-built for OT applications
- SCADA/PLC alarming of unsafe detection levels
Enterprise Automation is well versed in Department of Homeland Security (DHS) cybersecurity audits along with auditing systems with DHS’s Cyber Security Evaluation Tool (CSET) for providing industry-recognized assessment for OT infrastructure.
Enterprise Automation helps complex OT environments secure and maintain their networks, keeping hackers at bay and keeping your company out of the news.
If you’re not comfortable with the cybersecurity approach you currently have, or if you’d like to discuss how EA can help you quickly remove and reduce threat opportunities, contact us.