Could our utility networks be held to ransom? How legacy communication technologies are leaving critical infrastructure at risk

/ / Utilities
Cybersecurity

It seems like we’ve barely drawn breath from the Wannacry ransomware attack, which swept across the world in May, and yet already another insidious form of ransomware is wreaking international havoc. Originally assumed to be a variant of an older form of malware called Petya, the attack has crippled the computer systems at, among others, the advertiser WPP, law firm DLA Piper, food company Mondelez and Danish shipping company Maersk.

Ukraine has been particularly badly affected, with the company’s national bank, Kiev airport, metro system and a state-owned aircraft manufacturer all coming attack. Why Ukraine? According to the Ukrainian Cyber Police, the attack was originally spread via a software update in an accounting program that all organisations working with the Ukrainian government need to use.

Lessons learned?

So, what does this latest ransomware attack tell us? Well, given that this is the second major attack in as many months, and given that major elements of national infrastructure have been affected, it should act as a stark warning for utilities companies. Critical utilities networks are serious cybercrime targets, because malicious cybercriminals know that you can’t afford to have your IT infrastructure paralysed for even a short amount of time. The operational – and reputational – damage would be enormous. If you are in charge of technology at a utilities organisation, you need to be taking the risk of ransomware and other malware attacks extremely seriously.

The legacy problem

One problem faced by a large proportion of utilities organisations is that their networks tend to encompass a mixture of legacy systems, particular when it comes to Supervisory Control and Data Acquisition (SCADA) technology. They’ve built up organically over time and are a natural result of evolving technology. However, in an era of ever more connected devices and ever faster network changes, in which utilities firms are under increasing pressure to develop smart grids and respond to environmental challenges, this kind of complexity is unsustainable and can pose serious security risks.

Indeed, in December 2015 a cyber-attacker successfully seized control of the Prykarpattyaoblenergo Control Center (PCC) in Western Ukraine, leaving 230,000 without power for up to six hours. The attack was linked to the PCC’s legacy SCADA system. The attackers overwrote firmware on critical devices at 16 substations, leaving them unresponsive to any remote commands.

Legacy systems of any kind ultimately contain vulnerabilities that cybercriminals can take advantage of while having multiple disparate technologies can also make it very difficult for organisations to have a ‘single pane of glass’ view of what is happening across a communications network. In turn, when a problem does occur, it can be tricky to identify, isolate and remediate.

The answer: unification

What’s the solution? Utilities organisations need to unify all of their disparate communications hardware and software on a single communications network. Complex and divergent communications technologies need to be brought together on unified architectures, with all voice and data managed from the same centralised platform. This doesn’t need to lock utilities companies into single manufacturers or proprietary technologies – on the contrary, serial, Ethernet and PMR radio as well as mesh and LTE technologies can all be integrated together. The key point is to bring unification where there have previously been vulnerable legacy systems and disparate, unconnected technologies.

Click here to learn more about our specialist solutions for the utilities sector.