Everyone in the water utility business today must be concerned about the cyber breach of the Oldsmar, Florida water utility reported a few days ago. It would be natural for water utility managers to now question if their systems might be as vulnerable and if their citizens are equally at risk.
This is, of course, a serious situation and highlights how vulnerable water utilities can be. And the stakes are so very high – this is not just a nuisance, lives are at risk!
Fortunately, there are simple, cost-effective solutions on the market to protect water systems and other critical national infrastructure and prevent hacks, like the one in Florida, from ever happening.
SCADA systems, such as those used extensively in water and other utilities, are an ongoing source of concern for organizations and their OT/IT staffs due to their continuous need for patching (to address new compromises), their age (many devices have software and/or operating systems that are near end-of-life or are already deprecated), and their fundamental lack of provable security.
The good news is that there is a new class of solutions which can immediately lower the risk of cyberattack for utilities with an easy to drop-in, no-maintenance solution – hardware-based security solutions, or HardSec for short.
These solutions are provably secure as they are built with immutable hardware that cannot be changed or modified by accident or by criminal intent. By being hardware, the implementation can be as easy as plug-and-play and create a secure network overlay. The endpoints need not be modified as no agents or other applets need to be installed. Instead, the HardSec devices conduct the required cybersecurity tasks. This is especially important for older systems that may be fragile and burdening them with cybersecurity tasks can easily overwhelm them.
Likewise, the networks do not need to be modified as the overlay can be implemented on almost any network – from satellite to LTE to fiber or copper Internet connections. In fact, HardSec solution can be strong enough to positively secure public networks (such as LTE) so even remote utility resources can be controlled securely without the risk of malicious access through the network. And since the functionality is embedded in immutable hardware, these devices never need to be patched or updated… making them truly maintenance-free.
The new advanced install-and-forget HardSec solutions will protect well into the future as they can be classified as quantum compute-resistant. Yet most implementations can be installed quickly, protecting critical networks immediately. Finally, HardSec solutions can usually be included in the utility rate-base as plant investment.
QNS is committed to protecting our national critical infrastructure and has developed the Q Box HardSec solution for that purpose. No one wants their water system to be the next headline for having become a victim of a cyberattack.