OT Security: The Very Real Chinese Threat to American Critical Infrastructure

In an era where technology knows no boundaries, the safeguarding of critical infrastructure is not just a national security issue — it is an existential need that extends to the very fabric of our society. From the power we rely on to the water we drink, every aspect of our daily lives hinges on the operational technology (OT) systems running smoothly and securely behind the scenes. However, a silent yet critical battlefield is arising, and it’s not fought on conventional grounds; it’s being waged in the unseen networks and systems that power our lives.

Understanding the Complexity of OT Security

Operational Technology, the high-stakes cousin of the more commonly known Information Technology (IT), is the nervous system of critical infrastructure, serving as its eyes and ears. Unlike IT networks, which deal with data, OT systems monitor, control, and ensure the proper functioning of physical devices and processes. For the power grid, this could be anything from power plants and electric transformers to the electrical lines and interfaces that allow for power distribution, so that you can flip the switch and have lights.

Given the critical nature of these systems, the security risks associated with OT are an escalating concern. The specialized nature of OT security, while similar to IT security, demands a distinct and equally vigilant approach. An attack on OT is no longer just a breach of data; it can have crippling, real-world ramifications, resulting in service interruptions, city-wide blackouts, loss of water, or worse.

The Chinese Threat

The People’s Republic of China (PRC) is one of the most significant threats to the security of OT infrastructure, across the United States and internationally, as it is a major supplier of critical equipment and computer chips. The ongoing debate over the extent to which Chinese-made components within American OT systems pose a security risk has created an escalating atmosphere of critical concern.

The Path to Paralysis

Imagine a scenario where a foreign adversary can trigger a system-wide blackout in a U.S. city — or even paralyze the entire nation by exploiting seemingly minor process sensors. The perturbation of a single component, unnoticeable on its own, can send shockwaves through significant portions of the grid. This isn’t some doomsday hypothesis; it’s a strategic capability within reach, and it’s the reason why OT security must be a preeminent national priority.

Evidence: Industrial Cyber

The noted publication Industrial Cyber highlights the growing concerns surrounding the security of Operational Technology (OT) within the United States, evidenced by incidents like the Volt Typhoon cyberattacks. It underscores the critical nature of safeguarding the nation’s infrastructure from foreign adversaries, especially given the explicit warnings from Mr. Wales about threats to national security.

The piece we reference via a link below details the potential catastrophic outcomes of targeted attacks on the U.S. power grid and other essential services, advocating for OT security to be a top national priority in light of vulnerabilities. The urgency to protect the infrastructure, which is vital for both local and global economies, is emphasized as a matter of national security.

Select Committee on CCP holds hearing on Chinese threat to American homeland, infrastructure

Evidence: Control Global (Process Sensors)

Joe Weiss’ blog post on the Control Global website underscores the vital yet often overlooked aspect of critical infrastructure security: the security of process sensors. It argues that without ensuring the integrity and security of these sensors, which serve as the foundational elements of operational technology systems, the broader efforts to secure critical infrastructures are not possible. Drawing attention to vulnerabilities in sensor security, the post referenced via the link below elaborates on how these weaknesses could potentially be exploited by adversaries to inflict damage or gain unauthorized access to critical systems. It stresses the importance of adopting comprehensive security measures that encompass not only the digital interfaces and networks but also the physical components, such as sensors, that provide the input to the networks.

Mr. Weiss advocates for a holistic approach to infrastructure security, reflecting on the necessity of such measures to protect against sophisticated threats and ensure the resilience of vital systems. This emphasis on the security of process sensors, in addition to network security, is crucial to the larger framework of national and global security. It serves as a call to action for industry and governmental bodies alike.

Critical infrastructures cannot be secured when process sensors are not secure

Evidence: Control Global (Electric Utility Industry Responses)

In a continuation of the discourse on critical infrastructure security, a more recent blog post from Joe Weiss critically examines the response, or lack thereof, of the U.S. electric industry to the cybersecurity vulnerabilities posed by Chinese-manufactured equipment. This post (linked below) highlights the substantial risks that come with the use of such equipment in vital infrastructure systems, pointing out the potential backdoors and weaknesses that could be exploited by adversaries.

WE NEED TO BE MORE PROACTIVE WHEN IT COMES TO OT SECURITY WITHIN THE ELECTRIC UTILITY SECTOR

The discussion is rooted in the broader context of national security and the strategic implications of relying on foreign-manufactured components that may not meet rigorous cybersecurity or even reliability standards. This examination not only calls for increased awareness and scrutiny concerning the sourcing of critical infrastructure components, but also for actionable steps to mitigate these vulnerabilities. Mr. Weiss urges industry stakeholders and policymakers to reassess and fortify their supply chains to safeguard against these emerging threats, emphasizing the urgent need for a proactive approach to cybersecurity within the electric utility sector.

The U.S. electric industry is not responding to cyber-vulnerable Chinese equipment

A Call to Action

Acknowledging the nuances and complexity of OT security is merely the first step. Complacency, be it due to inertia or budgetary constraints, is a lapse that our adversaries are keen to exploit. This challenge demands three critical pillars of action.

Securing the Supply Chain

Firstly, a comprehensive and meticulous examination of OT supply chains is a must-have. This includes both vertical and horizontal analyses, tracking not just the provenance of individual components down to the chip level, but also the networks through which they are sourced and serviced. Regulatory frameworks and industry standards must evolve to ensure these supply chains are resilient against coercive or exploitative tactics.

Building Defensive Depth

Secondly, the approach to defending OT systems must encompass more than just perimeter security. It requires a layered defense that integrates threat intelligence, security operations, and industrial control systems (ICS) security. Within this strategy, isolation and segmentation play critical roles in protecting control system assets. By isolating critical systems and segmenting networks, organizations can significantly reduce the attack surface and prevent lateral movement of potential threats across the network. This unified strategy should be proactive and adaptive, able to respond to threats in near real time and neutralize them before they manifest fully.

Fostering Collaboration

Lastly, effective defense against the multifaceted challenges of OT security will demand a level of collaboration unprecedented in the realms of national security. This will not just be about public-private partnerships, though they are crucial. As critical infrastructure systems and components are sourced globally, it will also necessitate international cooperation that transcends geopolitical tensions to protect the infrastructure upon which global stability rests.

Conclusion

The landscape of national security has expanded into the unseen fiber of our daily operations. The American reliance on Chinese components and technologies in our critical infrastructure is inherently problematic and presents a risk that must be managed with precision and purpose. The threat to American OT security is not a problem facing the future; it’s a challenge of the present that demands our immediate and sustained attention. As we weave a stronger defense, the lessons learned from this approach will not just secure our communities; they will be templates for the protection of critical infrastructure worldwide.
