Security experts put their heads together following rash of industrial cyber security incidents

The industrial cybersecurity industry came together at the OT-ISAC Summit with a shared approach of strengthening their fight against the rising cyber security incidents that hackers use to target operational technology (OT) environments and the critical infrastructure sector. The effort between vendors, suppliers, asset owners and operators, governments, and other stakeholders comes in the wake of recent cyberattacks, some of which were by ransomware.

These have included several high-profile cyber security incidents affecting oil pipelines, governments, manufacturing plants, and even hospitals. Ransomware and software supply chain attacks were conducted and sometimes a combination of both, John Lee, managing director of GRF Asia-Pacific and the OT-ISAC Summit, said in his welcome address at the OT-ISAC Summit.  

“A critical national infrastructure organization in a South East Asian country was also targeted in an espionage campaign,” Lee said. “The attacks occurred from November last year to March this year.” Recent cyber targets have included a hack at a water treatment plant in Florida, and ransomware attacks on the IT systems at Colonial Pipeline, which forced the pipeline company to shut much of its network for several days in May. 

The OT-ISAC Summit in its second year consisted of several virtual sessions with experts, practitioners, and asset owners and operators sharing their best practices and lessons learned that stakeholders can adapt and achieve mutual defense in protecting critical assets – the ‘crown jewels’ of organizations. “If these assets are compromised, it would lead to serious consequences and impact business objectives,” Lee said.

Lee began his address by comparing the cyber threats to the current biological threats, which have become endemic. “They will not go away anytime soon. There will always be new threats and variants of malware, ransomware, new techniques or methods of attacks.”

“Not all organizations have the necessary capabilities or bandwidth to mitigate these risks. They may lack threat information or intelligence. However, they can leverage from the community to collaborate and share critical information that may lead to early detection and remediation of threats,” he added.

Connectivity and real-time exchange of data between OT and IT systems create opportunities for improving operational efficiencies, Lee said. “Industrial landscape has also been reshaped by new technology, innovations. It has changed the way we operate and conduct our business. The digital transformation of Industry 4.0 has been accelerated by the global pandemic. It has forced organizations to adopt digital solutions,” he added.

New inventions and technologies such as high-speed telecom infrastructure, 5G networks, industrial Internet of Things, artificial intelligence, machine learning, and the network of sensors and interfaces have allowed the transfer of data between equipment, systems, and organizations seamlessly. 

“We are beginning to see some of the outcomes of convergence, their increased productivity, and revenue. It may lead to lower costs and provide more consistent quality. All this creates new business opportunities. However, given the lack of common standards and an increasing attack surface and sophistication of threat actors, the risks are very high,” Lee said. “Cybersecurity becomes an existential threat, as we are all dependent on technology. Cyber-attacks know no boundaries, nor norms of behavior.”  

Panelists at an executive round table at the OT-ISAC Summit agreed that while threats to OT networks remain high, hackers are continuously looking to cause disruptions on critical services and industrial services. The enhanced risk exposure assessment and refined approach from protection to threat response leads to organizational companies looking at various ways to assess their risk exposure and better improve their approach from protecting to responding to cyber security incidents. 

Peter Jackson, engineering manager for cyber at SGS ECL, moderated the executive round table, which included Chew Lip Ping, director at the Government Technology Agency, Mel Migriño, vice president and group CISO of Meralco, and Steven Sim, chair of the OT-ISAC executive committee and president at ISACA Singapore Chapter.  

At the summit, OT-ISAC announced that Siemens Energy has been added to its Alliance Partner Program to support the security of critical information infrastructure in Singapore and other ASEAN nations. This will allow Siemens Energy to work closely with like-minded partners on proven methodologies, tested solutions, and approaches to optimize cyber resilience and reduce risk. By sharing timely tactical security details, members reap the benefits of early detection and insight into the management and containment of cyber threats.

Siemens Energy is the first OEM company to come on board and is equipped with an extensive presence in every aspect of the energy supply chain – from generation and transmission to storage and technology development. “With their global footprint and broad capabilities in industrial cybersecurity, it makes sense for our organizations to work in concert to improve the cybersecurity of the energy sector,” Lee said.

“In an increasingly volatile and sophisticated digital landscape, it is essential that we build up data collection and collaborative analysis capabilities across the critical infrastructure sectors in Asia Pacific,” Mex Martinot, Siemens Energy’s vice president and regional head Asia of industrial cyber and digital security said. “Through the collaboration with OT-ISAC, Siemens Energy intends to support members by securing the technology at the heart of member operations and strengthen the collective response to ICS cyber threats.”

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.