Rising cyber attacks: critical sectors under threat

Take a look at these examples:

Cyber espionage hit the headlines recently in the first week of September 2012 with reports of a series of hacker attacks. State-owned Saudi Aramco, the world's biggest oil producer, and Qatar gas exporter Ras Laffan Liquefied Natural Gas Co., known as RasGas, were hit last month by a virus called Shamoon. 

This virus that badly affected the computer systems at these two major oil and gas companies in the Persian Gulf appear to be deliberate attempts at massive sabotage.

Saudi Aramco, which has a total staff of about 56,066, saw 30,000 of its workstations affected by the cyber-attack. It was forced to isolate all its electronic systems from outside access until it restored them and restricted its remote Internet access.

In 2000, the Interior Ministry of Russia reported that hackers seized temporary control of the system regulating gas flows in natural gas pipelines, although it is not publicly known if there was physical damage . The former Soviet Union was victim of an attack to their gas pipeline infrastructure in 1982 when a logic bomb caused an explosion in Siberia.

In India as well, there are many industries faced with cyber-attacks, of which some of the attacks are identified, while others are in suspected stage. Some of these attacks are severe enough to cause re-installation of the system and production loss. 

According to industry estimates, over the last decade, India has seen an increase in the number of cyber-attacks, from 2,565 in 2008 to 8,266 in 2009 and 10,315 in 2010. 

Recent example is a cyber-security breach being suspected as the reason for the recent power grid failure and for the Northeast India crisis. There is also increasing evidence that demonstrates the threat of cyber-attacks to critical infrastructure like oil & gas refineries, power grids, hospitals etc. which makes it a must for organizations to evaluate their vulnerabilities and implement a robust security system to counter them. 

Today's natural gas transmission and distribution systems are heavily dependent upon technology and supervisory control and data acquisition (SCADA) systems to safely and efficiently transport the energy product to the end user.

 

Designing, operating, and maintaining a pipeline facility to meet essential availability, reliability, safety, and security needs as well as process control requirements requires the careful evaluation and analysis of all risk factors. 

"Attacks on a cyber-system may involve only the cyber components and their operation, but those impacts can extend into the physical, business, human, and environmental systems to which they are connected. A cyber event, whether caused by an external adversary, an insider, or inadequate policies and procedures, can initiate a loss of system control, resulting in negative consequences," explains Amitava Biswas, Country Head, Honeywell Process Solutions.

However, the industry is unaware of these facts, most of the manufacturing

businesses in India do not have a crisis management plan and often productivity is chosen over security. While alarming, these statistics are not surprising. Most businesses have the attitude - 'It will never happen to me.'

There is a critical need for the manufacturing sector in India to be aware of the cyber landscape, high risks they are exposed to and they must also ensure themselves with latest technology and adhere to international best practices. 

A comprehensive cyber-security management system, a scientific approach, incorporation of the best automation technology offers an effective solution for the growing cyber-security challenges in today's operating environment.