As a key facet of critical infrastructure, power plants — and the leaders who work at them — deal with highly privileged information on a regular basis. While enterprise security is a vital feature at all enterprises, at power plants it’s especially imperative, since the consequences to not having it can be dire.
“Critical infrastructure faces an increased risk of attack these days.”
With cyberattacks gaining momentum and honing in on increasingly high-value targets, critical infrastructure entities have reason for concern. This fact came to light back in December 2014, when nuclear plant operators in South Korea revealed that their computer networks had been hacked, according to Reuters. At the time, nuclear reactor design expert Suh Kune-yull told Reuters that the attack pointed to the potential that cybercrime could jeopardize national safety.
“A compromise of nuclear reactors’ safety pretty clearly means there is a gaping hole in national security,” Kune-yull said.
Months later, in March, South Korean representatives publicly blamed North Korea for the reactor hack, stating that they were able to trace Internet addresses linked to the attack to their northern neighbor and longtime adversary. The malicious strain that was used to carry out the intrusion was also created in North Korea, The Wall Street Journal reported. A news story like this has implications across the globe. A cyberattack on a power plant infrastructure isn’t a hypothetical event anymore — it’s something that really happened. And now that it’s a reality, there are perhaps other hackers who are devising similar intrusions.
Vulnerabilities Via Email
One might think that the attack on the South Korean power plant system was highly intricate, but in fact it had relatively simple origins: The malicious intrusion — like so many others — began with a series of phishing emails.
“The South Korean power plant attack was conducted via phishing emails.”
There’s a reason why spear phishing emails represent a go-to strategy for cybercriminals: Email tends to be one of the most vulnerable entry points in any enterprise’s infrastructure. Once unsophisticated, spear phishing campaigns now have the potential to be highly convincing — so that a targeted staff member may actually be fooled into providing privileged data to a hacker.
Guarding Email: A Power Plant Priority
Because it represents one of the easiest points of entry for attacks, protecting email must be a priority for power plant administrators. Here are some of the steps that power plants must take to secure email:
- Instruct all employees in the fundamentals of secure emailing: Phishing emails prey on individuals in the hope that one of them will supply privileged data. Therefore, all it takes is one worker falling for a phishing email for an entire critical infrastructure network to become compromised. Because of this, it’s vital for power plant administrators to ensure that every staff member is trained in the basics of safe email practices.
- Put authentication solutions in place: When it comes to critical infrastructure, authenticating the identity of each individual user is imperative. Otherwise, you run the risk of an intruder potentially stealing someone’s email login credentials in order to gain access to highly protected information. To avoid this, it’s vital that power plant administrators implement authentication tools for business email. By providing power plants with staffer-specific digital identities, an authentication tool helps generate a chain of trust that is highly difficult for an outsider to breach.
- Hold mobile and remote devices to a higher standard: Employees in every industry are increasingly moving toward using their personal and mobile devices for business access. For power plants that allow remote and mobile access, the standard of protection for these platforms needs to be even higher, since their portability and remote locations make them inherently more vulnerable. By leveraging a secure mobile solution, power plants can limit the risks posed by mobile devices.
When it comes to securing email for critical infrastructure, Entrust Datacard is a leader in the industry. Our IdentityGuard offering provides users with a robust means of validating user identities to prevent any malicious element from gaining privileged access. The unmatched quality of our solutions is what makes us a leading authentication provider for government, enterprise and banking.