Between the SolarWinds cyberattack and the smaller, but no less frightening, Oldsmar attack on a water treatment plant near Tampa Bay, Florida., cybersecurity has been front and center in the news. But these two cyberattacks on SolarWinds and Oldsmar were much different in nature and require different tools to protect against them.
SolarWinds was an advanced, nation-state-level attack that threatened operational technology (OT) and governmental systems. Oldsmar, on the other hand, was a smaller, less sophisticated incursion that was easily detected. The question is: How do these two very different attacks affect industrial applications in the present and future?
John Livingston, CEO of Verve Industrial Protection, discussed how the industry should respond to increasing threats and vulnerabilities in a video interview with CFE Media and Technology.
“[The cyberattacks on SolarWinds and Oldsmar] are great examples of two very different types of risks that we face within the OT environment and how we need to think about, frankly, securing these environments holistically,” said Livingston, who spent more than 20 years advising large companies in strategy and operations with McKinsey and Co. before joining Verve in 2016.
According to Livingston, the SolarWinds attack put at risk the fundamental operations of similar facilities. He also said we’re still learning what the lasting implications of the attack will be.
“What we don’t yet know, and no one yet knows, is the extent to which that attack spread,” Livingston said. “So we think we have a view of where it began and where it ends, so to speak, but no one knows that for sure.”
Though the Oldsmar attack, where a hacker was able to remotely access a water treatment plant and increase the amount of sodium hydroxide, or lye, in the water to a dangerous level, was thwarted and didn’t ultimately do much damage, that’s no reason for complacency.
“If there was a more advanced attacker, a more thoughtful attacker in that case, it could have been devastating,” Livingston said. “If that attacker had employed some of the tools used in, for instance, the Ukrainian power grid attack or Stuxnet or others to essentially mask what was going on underneath, it could have been deadly.”
In Part 2 of John Livingston’s conversation with Industrial Cybersecurity Pulse, he will discuss how the evolution of industrial cybersecurity vulnerabilities is changing product design, development, service and support.
Watch for future installments from our CEO interview series in the coming weeks.