Our corporate public IT domains (like siemens-energy.com) are constantly under cyber-attacks since they are connected to the public internet network. In a 2015 survey of 314 organizations operating Industrial Control Systems (ICS) around the world, 34 percent of respondents indicated that their systems were breached more than twice in the last 12 months. 44% of organizations were unable to identify the source of the attack.
Due to low cost Information and Communication Technologies (ICT) and rapid Return Of Investment (ROI), the digitalization use cases implementations in the energy sector will on one side increase, but on the other augment the cyber-attack surface, and consequently the potential risk level, due to the introduction of new Industrial Internet of Things (IIOT) components and edge/cloud AI/ML/5G technologies.
Oil and Gas midstream transmission pipelines will be no exception: they are critical infrastructure and rely upon their core Safety Instrumented Systems (SIS) for ultimate business continuity and safety.
Targeting the Operation Technology (OT) environment of energy companies with malware (like Stuxnet Iran, Power Grid Ukraine, Triton Saudi Arabia) represents the bleeding edge of nation-state hacking activities. To inflict even more destructive damages on opponent’s critical industry some advanced hacker organizations aim to disable safety functions on SIS systems, causing potential harm to people’s health, the environment as well as on valuable assets.
This paper presents Siemens view on key cybersecurity defensive mechanisms part of the pipeline control & communications systems defence-in-depth approach, focusing on SIS protection measures, sequence of event (SOE) clock synchronization, multi-factor authentication, early-warning cyber intrusion detection and ransomware recovery.