Cyber-attacks from malicious hackers are one of the biggest threats faced by critical infrastructure in recent times. These attacks have the potential to be catastrophic for the area or country targeted, as the technology exists to target multiple physical systems remotely at any time in order to inflict maximum damage. Natural gas distribution systems are some of the most vulnerable to such attacks, as they not only provide energy to millions of homes and offices but also carry a substance that can be incredibly volatile when exposed to certain environmental conditions.
For these reasons, it is imperative that natural gas distribution systems are protected from cyber threats and attacks through adequate, intelligent, and distributed cyber security systems and software. However, businesses and organisations sometimes skip or pass on cyber security assessments because they do not prioritize cyber security or because they underestimate the cyber threats they face.
Critical infrastructure has, in recent years, become somewhat of a hot topic when it comes to cyber security due to its critical nature and advances in both cyber security systems and technologies, and the kinds of technologies available to hackers that can enable them to bypass traditional security systems. While technological innovations are being driven by factors such as the Internet of Things (IoT) and improved wireless communications networks such as 5G, this also creates a range of new attack vectors that hackers could potentially take advantage of. In this article, we’ll be looking at some of the main vulnerabilities of natural gas distribution systems, how they may be exploited by malicious hackers, and how they can be protected from them. Before we go into that, let’s first take a look at a few of the biggest vulnerabilities they, or their constituent technologies, may have.
Cyber Attack Vulnerabilities
While the vast majority of network or internet-connected technologies have vulnerabilities and attack vectors that could be exploited by hackers, there are several systems within gas distribution architecture that are likely targets of cyber-attacks due to what they are, what they control, and how they can be accessed. For example, IP cameras performing surveillance functions around natural gas distribution systems are purposefully designed to be accessed remotely; however, this can also create vulnerabilities in surveillance systems, whereby hackers could exploit access management and authorization software in order to access, manipulate, or damage the surveillance system. Let’s now look at some of the vulnerable technologies and frameworks within natural gas distribution systems.
1- SCADA Systems
For the past few decades, many industrial processes and much physical infrastructure have been controlled and supervised by supervisory control and data acquisition (SCADA) systems. These systems will often have control over processes such as the operation of valves, switches, pressure settings, and various other pipeline operational controls and settings. It is therefore imperative that SCADA systems have adequate cyber security protection from the kinds of cyber threats that would look to exploit and gain control of the processes they manage. Typically, SCADA and industrial control systems (ICS) are located outside of traditional cyber security boundaries due to their functions and optimal locations. This means that, in order to properly gauge the kinds of protection required, cyber security audits and risk assessments are a good start to finding the appropriate cyber-security architecture.
A business or organisation’s wide-area network (WAN) can also be a vulnerability within natural gas distribution systems. Network security is something that most businesses or organisations will have heard of or had to deal with at some point in time; however, there is still somewhat of a reluctance to deal with this important aspect from time to time. One of the best ways to help reduce the risk to a corporate network would be to install firewalls between it and any control systems such as SCADA or ICS. Access control systems are also a good way to boost access security on a proprietary network, where multi-layer authentication tools will often deter all but the most determined of malicious hackers.
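A firewall between the corporate network and the control systems only helps if its rules actually keep the two apart. The following is an added example, not part of the original article: it audits an ordered, first-match rule list for allow rules that let corporate addresses reach the control segment without being on an approved list. All addresses, ports, and rules are constructed sample values.

```python
import ipaddress as ip

# Constructed sample zones (assumptions; the article names no addresses).
CORPORATE = ip.ip_network("10.10.0.0/16")
CONTROL = ip.ip_network("10.50.0.0/24")            # SCADA/ICS segment
# Cross-boundary flows the site has deliberately approved: (src, dst, port)
APPROVED = {("10.10.5.20/32", "10.50.0.10/32", 443)}

# Ordered rules, first match wins: (action, src, dst, port); port None = any
RULES = [
    ("allow", "10.10.5.20/32", "10.50.0.10/32", 443),
    ("allow", "10.10.0.0/16", "10.50.0.0/24", 502),    # Modbus/TCP from whole LAN
    ("allow", "10.10.7.0/24", "0.0.0.0/0", None),      # broad rule, also reaches control
    ("deny", "0.0.0.0/0", "10.50.0.0/24", None),
    ("allow", "10.10.9.9/32", "10.50.0.30/32", 3389),  # dead: shadowed by the deny
]

def narrow(net, zone):
    """Part of `net` that lies inside `zone`, or None if they do not overlap."""
    net = ip.ip_network(net)
    if not net.overlaps(zone):
        return None
    return net if net.subnet_of(zone) else zone

def covers(rule, src, dst, port):
    """True if `rule` matches every packet of the flow (src, dst, port)."""
    _, r_src, r_dst, r_port = rule
    return (src.subnet_of(ip.ip_network(r_src))
            and dst.subnet_of(ip.ip_network(r_dst))
            and r_port in (None, port))

def audit(rules):
    """Return (index, src, dst, port) for each unapproved corporate->control allow."""
    findings = []
    for i, (action, src, dst, port) in enumerate(rules):
        if action != "allow" or (src, dst, port) in APPROVED:
            continue
        eff_src, eff_dst = narrow(src, CORPORATE), narrow(dst, CONTROL)
        if eff_src is None or eff_dst is None:
            continue  # rule does not cross the corporate/control boundary
        if any(covers(r, eff_src, eff_dst, port)
               for r in rules[:i] if r[0] == "deny"):
            continue  # an earlier deny already blocks this flow
        findings.append((i, str(eff_src), str(eff_dst), port))
    return findings

if __name__ == "__main__":
    for finding in audit(RULES):
        print("unapproved corporate->control allow:", finding)
```

The broad rule at index 2 is the kind that is easy to miss in review, because its destination never mentions the control segment by name.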
3- Lacking or Outdated Security Updates
Security updates are generally released once vulnerabilities are discovered and patches written for them, so it’s always a good idea to keep up to date with all the latest security patches released by an OEM. Sometimes, however, these updates can be seen as an annoyance and consistently put on the back burner until it is too late. In order to avoid unnecessary exploitation and ensure all known attack vectors are patched, it is advised that system operators and administrators keep an eye out for the latest patches from their OEM and install them as soon as they are available. This may mean a little time taken to get everything set up and installed but, in the event of an actual cyber-attack, will seem like time well spent.
4- Lack of Cyber Security Training for Staff
Like security updates and patches, cyber security training for staff and management doesn’t always get seen as a top priority. This is an issue in itself as with the vast majority of cyber-attacks on businesses or organisations, adequate staff training may well have prevented disaster. Failure to train staff in the constantly evolving world of cyber threats means that, if one were to arrive in their email inbox, they would be untrained in how to deal with it and could in some cases make things even worse through their inexperience in dealing with cyber threats. Quarterly or annual training in cyber security best practices will enable all staff to recognize cyber security incidents or threats and react accordingly.
As critical infrastructure becomes increasingly digitized and virtualized, more and more attention will need to be paid to the cyber-security threats facing it. Advanced planning for a zero-day attack, an attack in which the vulnerability isn’t known until it is exploited, can help prevent some of the damage these kinds of attacks tend to cause. However, there is no substitute for having adequate layers of protection in place around physical and cyber critical infrastructure systems.