While an increase in malware, ransomware and phishing emails exploiting the Covid-19 crisis is the primary reason behind the spike, Naval Dome furthers that travel restrictions, social distancing measures and economic recession are beginning to bite into a company’s ability to sufficiently protect itself.
Naval Dome chief executive officer Itai Sela said: “Covid-19 social restrictions and border closures have forced OEMs, technicians, and vendors to connect standalone systems to the internet in order to service them.”
The global crisis and social distancing measures are preventing OEM technicians flying out to ships and rigs to upgrade and service critical OT systems, resulting in operators circumventing established security protocols, leaving them open to attack.
“As budgets are cut and in the absence of service engineers, we are seeing ship and offshore rig staff connecting their OT systems to shoreside networks, at the behest of OEMs, for brief periods of time to carry out diagnostics and upload software updates and patches themselves.
This means that their IT and OT systems are no longer segregated and individual endpoints, critical systems and components may be susceptible. Some of these are legacy systems which have no security update patches and are even more susceptible to cyber attack.
“The increase in OEM personnel working remotely on home networks and personal PCs, which are not well protected, adds to the problem.”
Sela said that during the first three months of 2020, attacks targeting home workers increased tenfold, adding that PC security software provider McAfee has reported that between January and April cloud-based cyber-attacks on all businesses increased by 630%.
He furthered that the economic downturn and the drop in the price of crude oil is also having an effect, with oil companies and contractors being faced with limited budgets available to implement effective cyber security measures.
“Companies are stretched thin and this is benefitting the hacker,” said Sela.
“It is not sufficient to protect only networks from attack,” said Sela. “Each individual system must be protected. If networks are penetrated, then all connected systems will be infected.
“Our philosophy is that all systems must be protected using a risk ranking. If it is, then the entire platform is protected from both internal and external attack vectors. If only the network is protected, then whatever enters the net (such as an unintentional attack from authorised personnel) will infect all connected systems. This philosophy is more cost-effective.”
Naval Dome’s software solutions adhere to the strict cyber security protocols set by the National Institute of Standards and Technology (NIST).
NIST’s Purdue Model for industrial control systems and architecture – an industry adopted reference model that shows the interconnections and interdependencies of all the main components of a typical inter-connected systems – divides ICS architecture into three zones and six levels. Naval Dome protects more deeply embedded systems such as HMIs, alarm/alert and control room workstations to NIST Level 1 and above.
The Purdue Model allows information security professionals and process control engineers that are responsible for protecting an organisation's most valuable assets to visualise how to protect against a security breach, whether involving confidentiality, integrity and/or availability.
Ido Ben-Moshe, vice president business development, said the problem is particularly acute in the marine and offshore oil and gas sectors. “If hackers penetrate networks, and critical equipment is exposed there could be significant safety, downtime, financial and potential reputational damage.
Ben-Moshe added that remote working and the introduction of remotely controlled, autonomous technologies is likely to take place at a faster pace in a post-coronavirus world.
“This will see companies face new cyber security challenges if they fail to implement adequate protective measures,” he said.