Hazardous Materials: New Standards For Cyber Protection

Waterfall Security Solutions has been protecting critical infrastructures from cyber-attacks for over a decade. Waterfall’s unique technology now enables businesses to meet new regulatory requirements established by the Israeli Ministry of Environmental Protection for the cyber protection of plants handling hazardous materials

Waterfall Security Solutions has developed advanced cyber solutions for protecting critical infrastructures around the world, since the company’s founding in 2007. Waterfall’s technologies protect industrial production facilities and control networks at locations such as power plants, pipelines, refineries, railway systems, water treatment plants, factories, and many others.

A new application of Waterfall’s world-leading technologies is enabling industrial enterprises to comply with new rules issued by Israel’s Ministry of Environmental Protection. The rules require robust cyber protections for plants handling hazardous materials such as ammonia. The rules are designed to prevent cyber attacks from compromising the operation of safety and control computers at such plants, and so prevent the leakage of hazardous materials into the environment or into human-consumable products.

Lior Frenkel, the founder, and CEO of Waterfall explains, “It is not only large petrochemical plants that use hazardous materials. Such materials are used at food processing plants as well — these materials may not be added to the food itself but may be used as part of the manufacturing process. This regulation is relevant to all food and pharmaceutical plants, paint manufacturers and many more. The majority of such plants have never given any thought to providing cyber protection for their systems. Following the introduction of these standards though, these facilities need to take action and rightly so. For example, very recently a significant cyber-attack was reported on the largest water treatment plant in Israel, raising concerns that someone might seize control of the systems that determine the water’s chlorine content and so could produce contaminated water by changing chlorine concentrations. This kind of attack is precisely what these new regulations demand protection from — the ability of an attacker to use computer systems to insert hazardous materials into food or medications being produced at these facilities.”

Why is the introduction of these standards relevant to Waterfall?

“Waterfall created the concept of Unidirectional Security Gateways for protecting industrial operations. Our gateways are a combination of hardware and software. The hardware is physically able to send information out of industrial operations and physically unable to send any information back into those sites. This means that the gateways enable monitoring of operations, without risk. The gateway software replicates servers – most commonly relational databases, industrial historian databases, or industrial OPC servers. External users interact normally with the real-time replicas, and so have access to the very latest industrial data in the same formats and even systems as these users have today.”

“Our gateways most commonly replace the so-called ‘IT/OT interface firewall’ in industrial network designs. Firewalls are software, and all software has vulnerabilities. When our enemies discover such vulnerabilities before we do, we have a serious problem. Unidirectional Gateways deployed at the interface between enterprise networks and industrial networks let the business profit from access to industrial information, without the risk that newly discovered software vulnerabilities will put production at risk. Even if software vulnerabilities are discovered, or passwords are stolen, or software is misconfigured, the Unidirectional Gateway hardware continues to physically prevent any attack from entering production facilities.”

The new standards introduced by Israel’s Ministry of Environmental Protection state explicitly that industrial networks managing hazardous materials are to be connected to business networks or to the Internet only via unidirectional communications. Waterfall already protects a large number and variety of industrial sites from cyber sabotage. We now look forward to similarly protecting Israel’s businesses that use hazardous materials, including materials used in the production of human consumables.”

What is included in your international operations?

“Waterfall’s products are developed and manufactured in Israel and are available worldwide. Our biggest markets are in North America and Asia. Our customers include major electrical power utilities, water supply infrastructures, railway systems, airports and so forth. In addition, in the USA we have customers such as large casino sites in Las Vegas, where we are engaged in protecting the management system infrastructures operating the casino buildings. Casino sites are subject to regulation concerning safety: if air purification, air conditioning, elevators or escalators break down, the site must be evacuated. A single ransomware infection could cause enormous financial damage and harm to the reputation of a facility — which is where we stepped in.”

How did you deal with the lockdown period during the Corona crisis?

“Waterfall was designated as ‘A Vital Industry,’ meaning that we were able to continue to operate normally without furloughs or redundancies. For our employees’ safety however, we decided that whoever could work from home would be allowed to do so. As a result, only our software development staff who required privileged access to our source code needed to report for work at our offices.”

Frenkel also tells us about a new initiative offered by the Company to its customers at the start of the pandemic: “One of our products is called Remote Screen View — providing what amounts to a video feed that enables a support provider located off-site, such as at home, to have a safe view over the Internet of screens for the systems and computers that are deployed in an industrial network. When, for example, a power station’s vendor support people cannot be physically present at the site and a failure occurs, site technicians wishing to ‘show the vendor what is going on’ and consult with the vendor, might not be able to do so safely – their security policy generally forbids connections from the industrial network to the Internet through only firewalls.”

“Our product enables the sites’ employees to ‘export’ screen images, in real-time, with no fear of attack, so that vendor support people may safely view the control screens showing fault alerts and other information. The vendor’s people can then give on-site employees directions as to how to investigate such issues further, and ultimately resolve them. Following the Corona Virus outbreak, we issued all of our customers with unlimited licenses for the Remote Screen View product at no cost, enabling them to reduce the number of employees attending their places of work. Instead of 20 employees present at an industrial site, only three might be left there, while the others were allowed to remain at home, see the relevant screens, and respond accordingly. Customers have been using this capability a great deal throughout the pandemic and their feedback is that they found it most helpful.”

*First published in The Marker magazine in Israel.