| Spotlight


ransomware showcased the power of resilience. A cyber intrusion stemmed from an employee unknowingly triggering an infected email three months prior, leading to a subsequent assault orchestrated by the LockerGoga ransomware group. This malicious software infiltrated Norsk Hydro’s computer systems, compelling the company to halt operations in numerous production facilities. The aftermath of this ransomware attack reverberated widely, affecting 35,000 employees dispersed across 40 nations and inflicting financial losses approximating $71 million.

In response, Norsk Hydro garnered acclaim for its adept management of the crisis. Instead of succumbing to the ransom demand, the company chose to collaborate with Microsoft’s cybersecurity experts to facilitate the restoration of operations. Additionally, Norsk Hydro demonstrated a commitment to transparency by openly communicating the evolving situation. Torstein Gimnes, the corporate information security officer at Norsk Hydro, emphasized the futility of paying ransoms as a solution, underlining the necessity of rebuilding compromised infrastructure to ensure its integrity.

Noteworthy steps taken in the wake of the incident included an immediate shutdown of IT networks and servers to curtail further propagation, and engaging Microsoft’s cybersecurity team to leverage reliable backups for data restoration. Moving forward, Norsk Hydro’s strategic focus encompassed bolstering security measures through comprehensive employee training, implementation of multi-factor authentication, regular updates, and the implementation of robust backup solutions.


Pioneering secure horizons

To safeguard the security of control systems, SCADA (Supervisory Control and Data Acquisition), and other vital components within hydropower and dam facilities, Marlene Ladendorff says engineers can employ a multi-faceted approach that combines physical and cybersecurity measures for optimal protection. The fusion of these controls offers a robust defense strategy. Physical security controls, including perimeter fortifications such as fences, CCTV surveillance, and locks, alongside access controls encompassing key-based, electronic, or biometric methods, contribute to safeguarding the facility. Cybersecurity measures, on the other hand, involve intricate network architecture designs, meticulous logical access control encompassing computer logins and passwords, and the establishment of comprehensive policies and procedures. By identifying the critical components within the facility, management can apply tailored controls to enhance the safety and security of these elements.

Phil Rouse points out that several key strategies can be implemented to ensure the integrity of hydropower and dam facilities:

- Network security: A dedicated system like TSAT, purposefully designed for SCADA applications, can provide unparalleled security.
- Operating system and software security: Keeping operating systems and software up to date is essential, as these updates often include critical security patches that shield against vulnerabilities.
- Continuous network monitoring: Detecting anomalies promptly enables proactive responses.
- Redundancy and backup: Implementing redundancy mitigates the risk of single points of failure, thereby enhancing system reliability and ensuring uninterrupted connectivity, even in the face of network disruptions.
- User training: Regular training initiatives should be provided to staff, equipping them with knowledge about various risks and best practices to thwart potential threats.


“OT specific cybersecurity training is crucial to any critical infrastructure organization,” explains Ladendorff. “There are significant differences between IT and OT cybersecurity. A common understanding in cybersecurity practices is the fact that an organization is only as strong as its weakest link, and the weakest link in cybersecurity is people. OT cybersecurity training and awareness can strengthen personnel’s understanding of cyber threats and how to protect against them.”


Keeping up to date

Staying abreast of the latest cybersecurity threats and best practices is essential for the industry’s vigilance. The Cybersecurity & Infrastructure Security Agency (CISA) serves as a valuable resource, disseminating threat information via advisories and alerts available at https://www.cisa.gov/topics/cyber-threats-and-advisories. Engaging in cyber security conferences and webinars offers another avenue for industry professionals to stay informed. Additionally, keeping a close watch on updates from vendors and suppliers is crucial, as they frequently provide information about vulnerabilities, patches, and security enhancements for their products. Monitoring blogs and pertinent publications is also recommended to remain in the loop. Rouse points out that perhaps the most invaluable recommendation lies in actively participating in knowledge-sharing initiatives with peers within the industry, recognizing that the exchange of insights is immeasurable in its contribution to overall cyber resilience.


Additional challenges

Engineers must be acutely attuned to additional cybersecurity challenges arising in the modern landscape, particularly with the increasing integration of Industrial Internet of Things (IIoT) into critical infrastructure like hydropower facilities. Several pertinent challenges demand vigilant attention:

- Expanded attack surfaces due to interconnected devices, offering more targets for cyberattacks.
- IoT device security complexities, especially remote updates, risking vulnerabilities and tampering.
- Essential communication security for wireless IoT devices using different protocols.
- Preserving data integrity and privacy to avoid flawed decision-making from compromised data.
- IoT network visibility challenges hindering quick response to potential cyber threats.
- Lack of standardization in security protocols among IoT device manufacturers, complicating consistent security practices.


Mitigating these challenges demands an astute grasp of the intricate interplay between IIoT integration and cybersecurity, enabling engineers to enact measures that bolster the resilience and safety of critical infrastructure operations.


www.waterpowermagazine.com | September 2023 | 11


Contributor information


Phil Rouse, Advisor to the Chief Executive Officer, developed the strategy for the group and was responsible for the early shaping of Ground Control. As a founding partner of Wireless Innovation, Phil orchestrated a highly successful investment round via Lyceum Capital (now Horizon Capital), culminating in the merger of three companies and propelling Ground Control to become one of the leaders in M2M and IoT communications. Ground Control specialises in satellite and cellular services, connecting people and things, especially in remote and hard-to-reach areas, with applications spanning the globe. With a background in Microwave Electronics in the Defence industry, followed by a move into the Telecommunications sector, he played a pivotal role in several successful business growth initiatives and led an MBO in 2004 to create Wireless Innovation Ltd.


Marlene Ladendorff focuses on OT cybersecurity for critical infrastructure sectors, domestic and international. Her PhD dissertation studied the Effect of the North American Electric Reliability Corporation Critical Infrastructure Protection Standards on Bulk Electric System Reliability. She has been involved in cybersecurity for domestic nuclear power plants since 2008 when the Nuclear Regulatory Commission released rule 10 CFR 73.54, Protection of Digital Computer and Communication Systems and Networks. Marlene also worked in the United Arab Emirates during the construction of the new APR1400 digital nuclear power reactors.

