In a water treatment plant in Florida, plant operators watched in real time as a hacker gained remote access to an ICS device and spent less than five minutes in their control software. In that short amount of time, the hacker elevated the levels of sodium hydroxide from 100 parts per million to 11,100 parts per million, a change that could have poisoned the water supply serving approximately 15,000 residents in Oldsmar, a city near Tampa.
U.S. law enforcement agencies are still investigating the ICS attack. While details of the cyber attack are scarce, it’s clear that the warnings from the IT/OT security community about growing cybersecurity concerns for utilities are not just empty threats.
What can critical infrastructure organizations do to prepare for future ICS cyber attacks?
The Florida water treatment plant was lucky. A staffer noticed the malicious change to their control program in real time. Not all critical infrastructure organizations are as fortunate. Organizations should follow some basic IT/OT security practices to safeguard their data in the event of future ICS cyber attacks. Software like versiondog can help utilities save time and effort while securing their IT and OT devices against cyber attack.
Regular backups are crucial to fast and error-free disaster recovery after an ICS cyber attack. versiondog simplifies day-to-day data management tasks like backups for a wide variety of ICS devices. For example, versiondog can automatically back up PLCs, HMIs, SCADA systems, and much more. This ensures that operators can always restore a recent, error-free version in case of a cyber attack.
This recent ICS cyber attack reveals the true danger of undetected changes to industrial control system data. What if the plant operator hadn’t noticed the malicious change in real time? The water supply for 15,000 residents could have been poisoned with a simple change that took hackers less than five minutes to execute.
Critical infrastructure organizations can safeguard against unauthorized changes by using change management software for automation. versiondog compares the version running in the plant with the version stored on the server. If a change is detected, the appropriate users are immediately notified and can take swift action to address the cybersecurity concern.
Version Control and Comparisons
Can critical infrastructure organizations quickly identify exactly what was changed? As the Florida ICS attack demonstrates, hackers can make one simple change with potentially devastating results. With versiondog, users can graphically compare versions and view a full change history for each ICS device with the click of a button. This provides them with the ability to see who changed what, when, where, and why so that they can confidently restore an error-free version.
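The comparison described above (the version running in the plant against the version stored on the server) and the itemized view of what changed can be illustrated with a short Python example. It is added here and is not versiondog's code or API; the setting names, the device name and the alarm value are constructed, and only the 100 and 11,100 ppm figures come from the incident described above.

```python
import hashlib
import json

# Constructed sample data (not the plant's real project files): the approved
# version stored on the server and the version read back from the device.
STORED = {"dosing": {"naoh_setpoint_ppm": 100, "mode": "auto"},
          "alarms": {"naoh_high_ppm": 150}}
RUNNING = {"dosing": {"naoh_setpoint_ppm": 11100, "mode": "auto"},
           "alarms": {}}

def flatten(cfg, prefix=""):
    """Turn nested settings into {'dosing.naoh_setpoint_ppm': 100, ...}."""
    flat = {}
    for key, value in cfg.items():
        path = f"{prefix}{key}"
        if isinstance(value, dict):
            flat.update(flatten(value, path + "."))
        else:
            flat[path] = value
    return flat

def fingerprint(cfg):
    """SHA-256 over a canonical form, so key order does not affect the result."""
    canonical = json.dumps(flatten(cfg), sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def diff_versions(stored, running):
    """Return sorted (path, kind, stored_value, running_value) tuples."""
    old, new = flatten(stored), flatten(running)
    changes = []
    for path in sorted(old.keys() | new.keys()):
        if path not in new:
            changes.append((path, "removed", old[path], None))
        elif path not in old:
            changes.append((path, "added", None, new[path]))
        elif old[path] != new[path]:
            changes.append((path, "changed", old[path], new[path]))
    return changes

def check_device(name, stored, running):
    """Cheap hash comparison first; itemize differences only on a mismatch."""
    if fingerprint(stored) == fingerprint(running):
        return []
    return [f"{name}: {path} {kind}: {a!r} -> {b!r}"
            for path, kind, a, b in diff_versions(stored, running)]

if __name__ == "__main__":
    for alert in check_device("dosing-plc-01", STORED, RUNNING):
        print(alert)
```

A removed alarm limit is reported alongside the changed setpoint, which is why the comparison covers every setting rather than only the values an operator watches on screen.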
Learn more about IT/OT security best practices to prepare for, detect, and recover from ICS cyber attacks by downloading our comprehensive guide. This white paper will explore global best practices for IT/OT security, the important functions for a data management system in critical infrastructure, and how versiondog can help users easily adhere to those best practices.