Digital energy multinational, Schneider Electric has called for caution from industrial players with regard to the increased risk of cyber-attacks on Industrial Control Systems (ICS) of critical infrastructures.
Speaking to journalists, Bukola Onibonoje, the Senior Service Engineer, Schneider Electric, explained that as ICS become connected to the Internet to allow greater business efficiency – remote process monitoring and system maintenance – they also make the business more vulnerable to threats with the potential to seriously affect critical infrastructure.
He says, “The integration of Operational Technology (OT) and Information Technology (IT) in these industries have increased efficiency and productivity, but it has also increased the security risk, as cyber-attacks on the IT environment can now directly impact the physical processes controlled by OT systems.”
Read also: Strengthen e-payment platforms, PPC advises banks
When asked about the risk factors, he explains “It is not uncommon for Schneider Electric experts to witness legacy hardware and ICS in some critical infrastructures that were developed before Cybersecurity became a global concern, therefore they do not have the necessary security measures in-place to prevent such incidence. In addition, they may have reached their End of Life which makes them vulnerable to cyber attackers.”
He adds, “Insecure remote connection — access links such as dial-up modems and wireless communications – are often used for remote diagnostics or maintenance. If encryption or authentication mechanisms are not utilized, the integrity of the transmitted information is vulnerable.”
Onibonoje also mentioned that the online availability of technical information of critical systems such as design and maintenance documents greatly jeopardises overall security.
According to the British cybersecurity firm, Sophos, in the State of Ransomware 2022 report, a total of $706,452 was paid as ransom to the cybercriminals by Nigerian businesses.
Schneider Electric recommends that organizations with critical infrastructure separate their ICS from their operations physically.
They also encourage the adoption of cybersecurity programs, which involve security assessments, employee training and incident response plans.
The use of the latest security technology for intrusion detection and prevention, as well as partnerships with cybersecurity experts for vulnerability assessment, is also advised to limit the risk of intrusion.
Speaking on the challenges in industrial automation, Onibonoje says, “Schneider Electric solutions like EcoStruxure Foxboro Distributed Control System, Foxboro SCADA and Triconex Safety Systems help organisations with critical infrastructure successfully integrate IT and OT with the latest digital security technology to prevent operations being compromised.”
Schneider Electric drives digital transformation by integrating world-leading processes and energy technologies, end-point to cloud connecting products, controls, software and services, across the entire lifecycle, enabling integrated company management, for homes, buildings, data centers, infrastructure and industries.
