How to boost cybersecurity in pipelines

The US is requiring critical pipeline owners and operators to implement essential cybersecurity measures. Network-facing OT equipment, like RTUs, can significantly help by incorporating the mechanisms to interface with IT systems. Here’s how.
Sept. 2, 2025

Key Highlights

  • Pipeline systems are increasingly vulnerable due to reliance on internet-connected devices and automation, necessitating robust cybersecurity measures.
  • IT tools like RBAC, PAM, and Syslog can significantly improve the security posture of OT systems by controlling access, managing credentials, and logging events.
  • Regulatory agencies worldwide are mandating cybersecurity standards for pipeline operators, emphasizing the need for integrated IT and OT security strategies.
  • Manual management of device access credentials is risky and inefficient; automation through IT solutions reduces operational vulnerabilities.
  • Implementing layered security measures enhances resilience against cyberattacks, ensuring the stability and safety of critical energy infrastructure.

By James Redmond

A secure supply of energy is necessary to maintain quality of life and a stable economy. Unfortunately, energy delivery systems such as pipelines, like any operational technology (OT) system, are vulnerable to cyberattacks. The United States Cybersecurity and Infrastructure Security Agency (CISA) observes that pipeline systems across the US are increasingly relying on automated technologies, including remote access and internet-connected devices, to manage and optimize their operations. Additionally, built-in weaknesses within pipeline IT and OT systems create openings that malicious actors can exploit.

The impact of these vulnerabilities can be seen in a ransomware attack in May 2021 that impacted energy supplies across the US eastern seaboard.

In response to the growing cyber threats targeting the pipeline industry, the United States Transportation Security Administration (TSA) has issued directives requiring critical pipeline owners and operators to swiftly implement essential cybersecurity measures aimed at preventing operational disruptions and system degradation. Further regulations from the TSA are expected to follow.

Cybersecurity agencies in the European Union, United Kingdom, Australia, and many other countries have also recognized this threat to pipeline security with similar requirements, such as the CRA or SOCI, being imposed upon pipeline operators. To address these growing threats to energy security, OT users and regulators are looking to IT for guidance and, ultimately, solutions.

Cyberattacks can originate from hostile actors inside and outside the pipeline operator. For example, the DarkSide ransomware service has been used in multiple cyberattacks against pipelines in the US. Similar claims have been made about pipelines and other energy assets in Canada, the European Union, and India, and access is now for sale on the dark web.

Using IT to improve pipeline security

Fortunately, some of the major vulnerabilities are understood, if not always addressed beforehand, by many users. Vulnerabilities for OT equipment, such as remote terminal units (RTUs), programmable logic controllers (PLCs), human-machine interfaces (HMIs), and SCADA systems, are published by agencies such as CISA and in open forums such as the Common Weakness Enumeration.

OT systems can leverage IT to help secure infrastructure like pipelines. The goal of IT is to safeguard data, networks, and systems from unauthorized access, breaches, and cyber threats. To achieve its goals, IT implements security measures such as firewalls, encryption, access controls, and regular system updates. IT also oversees incident responses, security audits, and user training to help ensure a robust security posture. Globally, IT has the resources to go with the expertise, as well as the CAPEX.

Network-facing OT equipment, like RTUs, PLCs, and HMIs, can significantly help to secure pipeline operations by incorporating the mechanisms to interface with IT systems. This would include using directory services such as Active Directory and incorporating the ability to restrict operator access to OT devices and networks to users with OT network accounts. A key extension to this ability is the restriction of user access within the OT device itself.

This way, only the functions needed by a user to do their job are made available when a user is interacting with a device such as a PLC, RTU, or HMI. For example, a technician could be authorized to view the status of a pump station connected to an RTU, but not to modify the logic application being used by the RTU. This is known as role-based access control (RBAC).

Managing OT network accounts with RBAC

Controlling access to authorized users is critical to OT security. Consider: In the Verizon 2023 Data Breach Investigations Report, researchers found a human element in three-fourths of the studied breaches.

Using RBAC to manage accounts at an OT network level has major advantages over managing accounts on a device-by-device basis. Changing access credentials creates significant risk. Updating a password or account device-by-device cannot be sustained at scale. It’s a manual process that requires a user to access the specific tool for that device, log in, change the password, log out, and propagate the new credentials to the operators who work in the field.

This results in a risk of devices or operators being missed which, in turn, creates operational and security vulnerabilities. Users may not be able to access the devices, and credentials can be easily disclosed outside the organization. A second challenge is the time required to manually administer password changes device-by-device, which scales into a full-time position depending on the number of employees and devices.

Other IT technologies can be added easily to further secure OT devices. Adding multifactor authentication to the RBAC scheme can reduce the impact of a user’s OT network credentials being leaked or misused. The integration of privileged access management (PAM) tools such as CyberArk allows OT network administrators to control access on a device-by-device and service-by-service basis using centrally managed device accounts.

In this case, an operator could request access to a specific site and receive temporary credentials to the RTU specific to the site. When the work is complete, the PAM updates the credentials on each device. Redundancy with multiple servers is a standard feature of these network systems to provide further resilience.

A final example of an IT approach that can be leveraged to better secure OT pipeline systems is Syslog. Syslog is a standard approach used to log events on a computing device, like failed login attempts. This enables an OT network administrator to rapidly detect anomalies such as unexpected configuration changes or potential security breaches, allowing for a timely response. Syslog also provides a comprehensive audit trail of activities. This is essential for forensic analysis, compliance with regulations, and understanding the sequence of events leading up to a security incident.
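
The kind of check a log collector could run on RTU syslog, shown here as an added example that is not from the article or any vendor: it flags a burst of failed logins against one device and a logic change made by a user whose role does not allow it (the RBAC case described earlier). The log lines, message wording, host names, users and role table are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in RFC 3164 style; the message wording, host names,
# users and roles are assumptions, not any vendor's real log format.
SAMPLE = """\
<38>Sep  2 02:14:01 rtu-ps07 authd: login failed user=tech1 src=10.20.0.15
<38>Sep  2 02:14:09 rtu-ps07 authd: login failed user=tech1 src=10.20.0.15
<38>Sep  2 02:14:20 rtu-ps07 authd: login failed user=admin src=10.20.0.15
<38>Sep  2 02:14:31 rtu-ps07 authd: login ok user=tech1 src=10.20.0.15
<37>Sep  2 02:15:02 rtu-ps07 logicd: config change user=tech1 object=pump_logic
<37>Sep  2 09:30:00 rtu-ps11 logicd: config change user=eng2 object=pump_logic
<38>Sep  2 09:45:00 rtu-ps11 authd: login failed user=eng2 src=10.20.0.22
"""

LINE = re.compile(r"^<(\d+)>(\w{3}\s+\d+ [\d:]{8}) (\S+) (\w+): (.*)$")
ROLES = {"tech1": "viewer", "eng2": "engineer"}   # hypothetical RBAC directory
CAN_CHANGE_LOGIC = {"engineer"}

def parse(line, year=2025):
    m = LINE.match(line)
    if not m:
        return None                      # not a syslog line we understand
    pri, ts, host, app, msg = m.groups()
    fields = dict(kv.split("=", 1) for kv in msg.split() if "=" in kv)
    when = datetime.strptime(f"{year} {ts}", "%Y %b %d %H:%M:%S")
    return {"severity": int(pri) % 8, "time": when, "host": host,
            "app": app, "msg": msg, **fields}

def detect(text, threshold=3, window=timedelta(minutes=1)):
    alerts, recent = [], defaultdict(deque)
    for ev in filter(None, map(parse, text.splitlines())):
        if ev["msg"].startswith("login failed"):
            q = recent[(ev["host"], ev["src"])]
            q.append(ev["time"])
            while ev["time"] - q[0] > window:   # drop failures outside window
                q.popleft()
            if len(q) == threshold:             # alert once per burst
                alerts.append(("failed-login-burst", ev["host"], ev["src"]))
        elif ev["msg"].startswith("config change"):
            # Unknown users have no role, so they are flagged as well.
            if ROLES.get(ev["user"]) not in CAN_CHANGE_LOGIC:
                alerts.append(("unauthorized-config-change", ev["host"], ev["user"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Failures are counted per device and source address rather than per user, so attempts that rotate usernames from one workstation still trip the threshold.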

Leveraging IT methods to help secure pipeline OT

Integrating standard IT tools and approaches into RTUs, PLCs, HMIs, and SCADA systems can significantly increase the security of pipelines. IT has the capability to address the most common vulnerabilities: the failure to update devices and the failure to limit access to authorized users.

Incorporating new OT equipment and tools that can support RBAC, PAMs, and Syslog increases cybersecurity for remote energy assets. Discover how Schneider Electric’s SCADAPack™ 47x and 47xi enable such IT tools to help mitigate major cybersecurity vulnerabilities.

 

Author bio:

James Redmond is Schneider Electric’s global offers manager for remote operations. He holds an electrical engineering degree and, prior to Schneider, worked in manufacturing for defense companies. He also served as an engineering officer in the Canadian Army reserves.
