Today’s columnist, Elad Ben-Meir of SCADAfence, writes that the attack on the water treatment plant in Oldsmar, Fla., was a “wake-up call” and that all public utilities have to get serious about securing critical infrastructure. robert.claypool CreativeCommons CC0 1.0

Critical infrastructure such as water treatment facilities and electric power plants in the United States have become more vulnerable than ever to a cyberattack. Security perimeters have been stretched with the addition of many kinds of IoT devices at a time when industrial operating systems are increasingly operated remotely, opening up new threat vectors and numerous entry points for attackers.

In the United States alone, there are about 54,000 distinct drinking water systems and many are currently highly vulnerable to ransomware attacks or malicious breaches, as they largely rely on some type of remote access to monitor and/or administer their systems. Many of their facilities are also unattended, particularly during the pandemic. They are generally underfunded, and rarely have anyone watching the IT operations around the clock, meaning any initial breach via an IoT device can get ruthlessly exploited for hours before being detected, placing the targeted facility firmly in the hackers’ hands.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.