Ransomware Attack on Gas Facility Underlines Need for Identity-Based Security

By February 28, 2020 No Comments

Xage Blog PostLast week’s ransomware attack on an unnamed natural gas compression facility renewed concern over industrial security and had consequences for the plant’s operations, with the facility shuttering for two days following the security threat. The White House’s American Cybersecurity and Infrastructure Security Agency issued a statement warning of the threat, urging operators of critical infrastructure to align on best approaches for mitigating these sorts of attacks.

As this recent attack on the oil and gas industry has shown, organizations are frequently exposed to risk as informational technology (IT) and operational technology (OT) networks converge to enable new business opportunities. In this case, an unsophisticated attacker was able to access the IT network before pivoting to and infecting the OT network––all while overcoming existing security controls. While the attack did not damage any programmable logic controllers (PLCs), it easily could have impacted the organization’s profitability by accessing and disrupting system-wide operations. For many oil and gas companies, today’s security controls are inadequate, and they fall short of protecting valuable assets when IT and OT networks are combined.

While the CISA alert on this attack offers suggestions for preventing similar breaches in the future, some of these solutions are not practical in today’s security environment. They recommend implementing “robust segmentation between OT and IT networks” and organizing “OT assets into logical zones,” but these approaches are practically impossible and far too complex with today’s security controls, where IT and OT must share information. Zones are a thing of the past, and network segmentation cannot be the last line of defense for safeguarding critical infrastructure.

Xage’s Security Fabric provides protection for all industrial operations, creating a trusted foundation for every interaction, whether human-to-machine, machine-to-machine, or edge-to-cloud. It also delivers a unified layer of identity-based access across legacy and new devices to protect each asset with ease and achieve “identity-based nano-segmentation”––allowing IT and OT networks to converge safely. By protecting each individual asset by its identity and with multi-factor authentication, Xage’s solution makes it extremely difficult for potential hackers to move laterally between assets. 

With more frequent cybersecurity threats against critical infrastructure, it’s no longer an option for oil and gas organizations to delay adopting security controls when they risk multi-day shutdowns and revenue loss. By incorporating new security controls into their systems, these organizations can continue to enable new business opportunities while converging IT and OT systems, without risk. 

Learn more about Xage’s identity and authentication offerings here

White Paper

the whitepaper

The current model of enterprise security is incapable of protecting Industry 4.0 with its intermittently connected, heterogeneous devices and applications, distributed across organizations and geographies. Today’s centralized IT security paradigm needs to be replaced by cybersecurity that is distributed, flexible and adaptive.