CNI

Cyber ​​attacks are no longer just virtual, lives are at stake

Lately, unfortunately, we have witnessed cyber incidents where hackers don't hesitate to endanger people's lives for the better of themselves. The attacks on industrial systems have proven this point quite clearly.

What is going on?

On the morning of Feb. 5, an employee at the water treatment plant in Oldsmar, Florida noticed that the mouse cursor clicked on the plant controls. The intruder tried to change the level of sodium hydroxide, also called lye, in the water; he moved the setting from 100 ppm to 11.100 ppm. If the poisoned water had reached the citizens, the consequences would have been catastrophic.

What does this mean?

The point to note is that the hacker entered the system not once, but twice. This indicates that it could have been a serious cyber and physical breach. It also raises questions about the security of such a sensitive system.

Related incidents

Electrobras and Copel, two major electricity companies in Brazil, fell victim to a ransomware attack that forced them to temporarily suspend their operations. The Operation Spalax campaign targeted Colombian government agencies and private companies from the energy and metals sector. It is suspected that the intrusion at SolarWinds could also affect the OT systems, with damaging consequences for the physical world.

Worries continue to exist

The elements of modern industrial systems are fundamental to critical infrastructure. However, OT security is often neglected, even though IT systems have merged with OT systems due to the digital transformation. Attacks on utilities can potentially lead to large-scale power outages. The Florida attack is a high-profile incident that highlights the importance of protecting industrial networks from being exposed to outside networks.

What it comes down to

We are already in an era of cyber warfare and it is only getting worse. Attacks on critical infrastructure are undeniably a national security problem. In addition, different sectors are interdependent and an attack on one sector can spread to another. The incidents listed above are very capable of causing real damage and therefore cybersecurity must now be a top priority, regardless of the sectors involved. It is also very relevant that the critical infrastructure is aware of the risks arising from 3rd and 4rd party risk. In other words, you can have things in order yourself, but if a supplier does not have things in order, this can result in complex situations of chain liability.