Could our future include weekly infrastructure disruptions that mirror the gasoline distribution problems caused by the 2021 cyberattack on the Colonial Pipeline network? Will random power outages and contaminated drinking water become just a part of everyday life in the coming years?
Opportunities for significant breakdowns of utilities are there, according to security experts at SparkCognition’s recent Time Machine Interactive panel that looked at how fragile and vulnerable our infrastructure is in the face of cybercriminals looking to cash in by infiltrating porous security systems. And when these incidents happen, the perpetrators treat the attention generated by headlines about the gasoline supply shortages as a badge of courage.
Jarred Capellman, SparkCognition’s vice president of engineering, said major energy systems represent attractive targets, in part because the security systems of legacy assets haven’t been hardened in a coordinated, comprehensive way.
“They’re going to go after the biggest targets, knowing that our critical infrastructure is aging, whether it’s the software, the hardware, you name it. That concerns me as a cybersecurity researcher myself,” he said. “I would go after the big fish. That’s a giant target that our state-sponsored threat actors are going to go after, whether domestic or abroad.”
The realization of the threats posed by malware on critical equipment and systems, whether on the IT or OT side, has caused significant players like Siemens Energy to partner with leading artificial intelligence companies like SparkCognition. Those new relationships help them handle the demands around security that can’t be adequately covered with only human workers keeping watch.
Amogh Bhonde, senior vice president for Siemens Energy, said the need to find partners who can adequately handle cybersecurity requirements for the energy assets it produces has shaken the corporation out of its long-standing avoidance of seeking outside help.
“All traditional energy powerhouses, we’ve been doing this for decades, and we were not good at working with partners outside. Working with companies like SparkCognition is one of the most important things OEMs can do,” he said. “We know how this equipment works and how it operates in different environments. That puts us in a unique position to actually lead in this space of protecting our critical infrastructure, especially against cyberattacks. There’s a lot of equipment out there that is insecure that has not been protected. It’s connected but not secure, and there are thousands of machines at every plant that are vulnerable to attacks.”
Bhonde said Siemens Energy and its peer companies have a responsibility to improve their security protocols in the coming years since it is estimated that 2 billion new energy assets will be connected for use. If not properly secured, he said, those new connections represent a massive vulnerability for cyberattacks that could cause chaos for energy companies and customers. “If you’re a customer in this space, I think the big question you should be asking yourself is, how do I stay ahead of this and not let any sophisticated attack get me and derail my operations?”
Finding cybersecurity gaps, and innovating over them
Panel member Igor Bergman, vice president of cloud and software for Lenovo, said AI technology dedicated to cybersecurity helps to overcome and protect the soft spots created by a combination of human fallibility and legacy equipment that doesn’t get updated rigorously to withstand attacks.
“That vertical stack that comes together across OT and IT integration faces several challenges, and number one is people. OT and IT folks have completely different perspectives on the world and the sense of urgency in how they operate,” he said.
Bergman noted that another persistent issue across IT and OT setups is the inability of devices to communicate with each other, especially as the rate of technological change has dramatically increased and allowed security gaps to develop. When parts of a system are operating on mid-’90s software alongside brand new hardware, problems with security and other inefficiencies become inevitable.
“You get into the scale and you’re talking about a system where they are changing 2% over a period of 10 years versus other systems that are changing 20% every other day,” he said. “I’ve seen servers still in the customer data centers on Windows 98 and things like that. So now you’re talking again about cutting-edge, cloud edge-driven, AI-driven, IT operations solutions talking to servers that died with the dinosaurs.”
Looking to the future, Bhonde said the U.S. is allowing its critical infrastructure to remain vulnerable by failing to put legislation in place that requires strict cybersecurity protection for hardware and information systems tied to energy, transportation, and manufacturing.
While there is some hesitancy from lawmakers to spell out legal requirements for private industry’s output related to security, he said Asian countries are seeing the benefit of those moves both in terms of improved safety and the innovation in cybersecurity technology.
“Some of the Asian countries are maybe leading the way when it comes to regulation when it comes to energy equipment. Countries like Singapore and China have put in place regulations where all power plants or energy assets have to meet certain criteria a few years ahead of what we did in the United States,” he said. “There is definitely room for regulation, and what it does is it drives innovation. Creating that regulation drove innovation, and companies like ourselves had to revisit this topic very carefully.”
Leaders in energy and infrastructure management are learning that AI is a must-have tool to prevent the growing threat of cyberattacks from taking the critical components of everyday life offline. The cognitive models used in the SparkCognition Endpoint Protection solution have proven capabilities to learn and move ahead of developments in malware, protecting and securing OT assets against expensive and resource-intensive zero-day attacks.