Editor’s Note: Power Engineering recently did a Q&A with Bill Moore, CEO and founder of XONA. The company offers a user access platform tailored for remote operational technology sites.
Moore has an extensive, 20-year career in cybersecurity and high-tech sector issues. In light of the recent attack on the Colonial Pipeline and other infrastructure, PE thought it was timely to get some insights on the cyber and ransomware dangers facing the power utility industry.
— — — — —
Power Engineering: Companies and mission-critical facilities like hospitals have been hit with ransomware attacks for years. Yet, with the shutdown of the Colonial Pipeline, we are reminded of the threat to electric power generation and service. Are utilities adequately prepared? And if not, what can they do better to defend themselves?
Moore: “I don’t want to speak for all utilities since the industry isn’t a monolith. However, we’ve seen enough cybersecurity incidents in the past several months to know that the sector should be on notice. Even before the pandemic, cybersecurity threats were becoming more common and sophisticated. Today, many utilities embrace hybrid work arrangements that expand their threat surface, requiring enhanced security measures when connecting to critical infrastructure systems.
“To improve their defensive posture, utilities need a two-tiered approach: First, they need to address their digital hygiene. The Colonial Pipeline attack was executed using a single compromised account password, which is a reminder that everyone has a role to play in keeping critical infrastructure. At the same time, utilities need to employ a zero-trust framework, including two-factor authentication, protocol isolation, user-to-asset connection segmentation as well as user access monitoring, logging and recording.”