Adding Industrial Connectivity Without Adding Cyber Risk

Unidirectional gateways are used to secure connectivity to industrial networks that serve as the lifeblood for analytics data used to optimize Oil & Gas production operations.

Kevin J. Rittie


Analyzing data and then optimizing a process to increase efficiency is an accepted formula that can be applied to nearly any industry. In large industrial processes, the collection of such data for analysis has grown significantly and continues to grow, while the drive for further optimization and higher efficiency keeps increasing.

With the recent advent of IIoT, Industry 4.0, cloud-based analytical services, and third-party vendors, all of which use the internet and corporate intranets to transmit and export data, new attack vectors are continuously arising. The common IP-based pathway at the core of all this integration presents a most attractive attack surface to those with less than good intentions. Many IIoT devices are configured in a way that directly violates the Purdue model's "defense in depth". However, the data provided by these devices and their sensors is critical to the economic viability of the operations. Therefore, securing them is not just an option to be considered, but a requirement.


Must-have Connectivity

Despite the risks that these devices and their connectivity pose, most of this integration is vital in making the operation economically feasible. If networks built with connected devices that alert for preventative maintenance can be kept running for 25 years, then having the machines break down after 10 years because they run in isolation, without the efficiencies that extend operational lives, is no longer an acceptable business option. As connected operations deliver higher efficiencies through better maintenance of production machinery, the demand for connectivity will grow.

The Risk of Ransomware

While the benefits of these connected sensors and devices have a clear upside, there is a risky downside. One glaringly common threat is that of ransomware. The fear is that someone may: 

  • Exploit the integration and knowledge gains made possible by connected devices to establish a foothold in the industrial network…
  • From there, move laterally, escalate privileges, and eventually encrypt the contents of the entire industrial network…
  • Thereby impacting operations and possibly causing significant societal impacts.

The attackers then contact the owners and offer the encryption key for a ransom, usually millions of dollars. There is no guarantee that the ransomed key will actually unlock your data. There is no ransomware support to contact if everything doesn't go back to normal after the ransom payment; you effectively start over with backups and fresh systems.

There are dozens of other cyber threats besides ransomware. Protecting against all of them is just as important as protecting against any one of them.

Protecting OT Connectivity

When it comes to protecting IT networks, the main concern is that someone will exfiltrate sensitive information. When it comes to protecting OT networks, the main concern is that someone will insert malicious code into the network or a device, which will cause it to simply stop working, or worse, violently stop working in a way that endangers the lives of the surrounding workers. As such, while IT security is heavily focused on protecting anything from leaking OUT, OT security is heavily focused on making sure nothing gets IN. 

The Solution: Unidirectionality

The connectivity requirements for industrial systems help operational data travel to where it needs to go to be analyzed, be it the cloud, a third-party vendor's servers, or the OEM of an IIoT device. While this connectivity is critical for operations and maintaining efficiency, it is mainly the incoming connectivity that poses all the risks, and the outbound connectivity that provides all the benefits. Waterfall's unidirectional gateways and other solutions replicate the OT system's servers, updating the replicas in real time over a unidirectional connection that lets the data flow outward. If anything tries to flow into the OT network, it can't. The physical hardware is designed to literally be missing the components that would carry data back in, making it impossible to breach the OT network, ensuring that it remains 100% unbreachable.

When the analytical servers in the cloud, the third-party vendors, or the IIoT device need to request data, they send the request to the replica of the OT system's server that sits on the Waterfall unidirectional gateway. If a threat actor attempted to hack into the OT network, they would be hacking into an inert replica that only provides copies of the data and allows no access to any of the controls.
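A minimal model of the replication arrangement described above, added here as an illustration (it is not Waterfall's code, and every class, function and tag name is hypothetical). It also shows one consequence of a truly one-way link: the replica cannot ask for a lost frame again, so it can only detect the gap by sequence number.

```python
import json
from collections import deque
class OneWayLink:
    """Stand-in for the one-way hardware: frames move from send() to recv() only."""
    def __init__(self):
        self._wire = deque()
    def send(self, frame):   # handed to the OT side only
        self._wire.append(frame)
    def recv(self):          # handed to the IT side only
        return self._wire.popleft() if self._wire else None

class OTPublisher:
    """Inside the OT network: pushes tag updates and never reads from the link."""
    def __init__(self, send):
        self._send, self._seq = send, 0
    def publish(self, tag, value):
        self._seq += 1
        self._send(json.dumps({"seq": self._seq, "tag": tag, "value": value}))

class Replica:
    """Outside the OT network: answers queries from its own copy of the data."""
    def __init__(self, recv):
        self._recv, self.tags, self.last_seq, self.gaps = recv, {}, 0, []
    def drain(self):
        while (frame := self._recv()) is not None:
            msg = json.loads(frame)
            if msg["seq"] > self.last_seq + 1:  # loss can only be recorded, not re-requested
                self.gaps.append((self.last_seq + 1, msg["seq"] - 1))
            self.last_seq = msg["seq"]
            self.tags[msg["tag"]] = msg["value"]
    def read(self, tag):
        return self.tags.get(tag)
    def write(self, tag, value):
        raise PermissionError("replica is read-only; nothing is forwarded to OT")

def demo():
    link = OneWayLink()
    pub, rep = OTPublisher(link.send), Replica(link.recv)
    for reading in (101.3, 101.7, 101.9):   # constructed sample values
        pub.publish("wellhead.pressure_kpa", reading)
    del link._wire[1]                        # simulate one frame lost in transit
    rep.drain()
    try:
        rep.write("wellhead.pressure_kpa", 0)
        blocked = False
    except PermissionError:
        blocked = True
    return {"pressure": rep.read("wellhead.pressure_kpa"), "gaps": rep.gaps, "write_blocked": blocked}

if __name__ == "__main__": print(demo())
```

The recorded gap is what an operator on the receiving side would alert on, since the sending side never learns that a frame went missing.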

Embracing the OT Digital Transformation

As industries embrace the era of digital transformation and rely more on interconnected systems for operational efficiency, the need for robust cybersecurity measures grows in importance. While the benefits of connected sensors and devices are undeniable, the looming threat of cyberattacks underscores the importance of safeguarding industrial networks. Unidirectional gateways offer a compelling solution by enabling outbound data flow for analysis while ensuring that no incoming connections compromise the integrity of the operational technology (OT) network. By implementing such measures, industries can strike a balance between connectivity and security, safeguarding their critical infrastructure and optimizing Oil & Gas production operations without adding cyber risk.

About the author

Kevin J. Rittie

With over 30 years in the control system market, Kevin Rittie is a seasoned software and cybersecurity professional who has led diverse development groups with budgets up to $10M. He has a comprehensive background, starting as a project engineer and software developer, and has excelled in roles such as Product Management, Cybersecurity, Sales, and Marketing. Kevin's innovative contributions include leading the design of a patented control visualization architecture and driving the development of energy management solutions, culminating in the establishment of his own business, RevelationSCS, focused on change management, software practices, and securing critical infrastructure.