Recently, a story broke in Florida that sounds like something out of a terse action film: a hacker managed to access a water treatment facility and subjected the Pinellas County water supply with increased levels of sodium hydroxide. While onsite operators were able to correct the issue right away and keep the public safe from danger, this event is the latest in a line of cyberattacks directed at public utilities. Let’s consider this unpleasant trend.
Many of today’s systems run via the assistance of computers and are hosted online to embrace remote capabilities. Unfortunately, this nature leaves them vulnerable to hackers—despite the huge investments made into protecting the public infrastructure that runs on these systems.
As the event in Pinellas County proves, it just takes one time to cause great damage. Therefore, we can see why it is so important to keep these systems secure.
With more people than ever suddenly working remotely, many jobs that once required on-site staff have shifted to automated solutions—especially in terms of seeking out IT threats and issues. However, with all this “newness”, many people aren’t familiar with the toolkits they are working with.
As a result, more employees are vulnerable to attacks and less aware of how to prevent them.
According to a Ponemon Institute report, the level of sophistication that is used in attacks against utilities has increased sharply. 54 percent of utility managers foresee having to contend with at least one cyberattack this year—meaning that half of those that provide electricity, safe water, and other critical resources anticipate a major event.
When you consider how much our society relies on these systems, this is disconcerting to think about.
Unfortunately, this question is where things can get complicated. It isn’t as though utility companies underestimate the importance of security, after all. However, by modeling their approach upon the one undertaken by the average enterprise, they have adopted a lot of the same practices: revising their practices as they go, continuing to innovate, and being increasingly vigilant.
For instance, many providers are integrating options that businesses have had success with. AI has been integrated to help identify potential threats much more efficiently by processing far more data in far less time. The Internet of Things is now used to better track and modulate internal processes and distribution of resources. Even better, these IoT devices (which are usually infamous for their questionable security) have seen the investments necessary to properly maintain their protections thanks to the efforts of the utility companies.
Considering the importance of our utility services, protecting them needs to be a priority… but what do you think? Should more attention be paid to the cybersecurity protecting them? Leave your opinion in the comments.