Identity-Based Security Could Have Protected Utility Southern Water in Recent Phishing Attack

March 10, 2020

In the latest string of attacks on industrial companies, last week’s phishing hack on British utility Southern Water again brought to the forefront concerns around utilities’ cybersecurity. According to the Register, the utility’s networks, including its Supervisory Control and Data Acquisition (SCADA) system, were impacted by the attack. The attack rendered Southern Water’s services temporarily unavailable for customers.

As this recent phishing attack has shown, essential utilities are frequently left vulnerable to cybersecurity risks – and attacks can both disrupt service for customers and be incredibly costly for the utility. In this case, an employee opened an attachment in an email claiming to be from the CEO, and an unsophisticated commodity malware attack was able to gain access to the utility’s networks. While the attack only briefly disrupted operations for Southern Water, it showed how simple it is for hackers to infiltrate operational networks, leaving far too many devices vulnerable. 

With current zone-based segmentation approaches, hackers are able to move laterally and bypass security controls within a network – like firewalls, NACs, and VPNs – with a simple attack. When organizations assume implicit trust inside each zone of a network, attackers are able to move freely once an initial intrusion is made. A single IT network intrusion – affecting one device – can be catastrophic, with significant impacts on the water utility itself, on the population that relies on it, and on the environment.

When it comes to cyber attacks in the utility space, role-based access control technology would be able to limit the spread of such an attack or block it entirely. By building trust-based interactions based on identity, and securing all these interactions, industrial organizations can dramatically reduce the attack surface as well as the impact of a successful attack. 

The key to preventing these attacks on utilities, then, is for companies to enforce access control for every interaction across their entire networks through a unified platform.

With Xage’s Security Fabric, industrial operations are protected with a trusted cybersecurity foundation, whether human-to-machine, machine-to-machine, or edge-to-cloud. By protecting each individual asset by its identity and by using multi-factor authentication – rather than a zone-based system – Xage’s solution makes it extremely difficult for hackers to move between assets. In deploying this distributed and tamperproof security fabric across every element of the utility’s environment, Xage ensures that operations are secure while also allowing organizations to safely embrace digital transformation. 

With the rise of cyberattacks, utilities need to move their operations (including their SCADA systems) to security platforms with multi-factor authentication and role-based access control in order to prevent future hacks. Utilities that deploy comprehensive identity and access management controls can ensure their systems are protected while also enabling their organization to digitally transform, securely.
