Breakfast Meeting: Smart Business Infrastructure – Cyber Security in the Digital Age
AMCHAM’s Tamil Nadu Chapter hosted a breakfast meeting on smart business infrastructure in the digital age on June 23rd, 2017 at Hotel Westin Velachery. Mr. R. Ramkumar, Chairman – Tamil Nadu Chapter, AMCHAM, chaired the meeting. The featured guest speaker was Mr. Bithal Bhardwaj, Chief Information Security Officer, GE Africa and South Asia. While welcoming members to the breakfast meeting in June, Mr. Ramkumar emphasized that with connected networking being the order of the day and the government working towards a digital India, awareness on cyber security has come to the forefront. He said that there are two kinds of companies – one that knows that it has been compromised and the other which does not.
Mr. Bithal Bhardwaj made a short presentation and said that he would be focusing on the industrial and digital security risks, which according to him, are the foremost risks that business leaders should be aware of. He said concerns that the security of the physical infrastructure are overblown, it’s not particularly encouraging, although there are signs that awareness of the issue is rising. Mr. Bithal said that in operations technology (OT) the manufacturing process control systems, which are used in utilities, healthcare, transportation, oil and gas, chemical production, among other industries, use systems which are increasingly linked to computers and networks and therefore particularly vulnerable. A simple innocuous device like a pen drive brought in by a person intent on sabotaging the entire process control network can insert the pen drive into the USB port of a computer in the control system and wreak havoc.
Mr. Bithal gave new age definitions for terms used in today’s connected world:
- Manufacturing plants – they are the cash generators and are now connected over the internet
- Data – is everywhere and more meaningful, can be used for a variety of needs
- Cloud – trust is exercised more than ever
- Technology – fast evolving with increasing mobility all leading to a greater cyber risk
- Cyber physical – malicious attacks on machines, can break into controls via the internet to open sluice gates when they should not be opened
- New age companies like Amazon, Facebook, Uber, Google etc can make sense of the voluminous data they gather from their customers
Warning bells in case of cyberattacks include:
- Nation states – compromising critical infrastructure at a fraction of the cost
- Insider threat – start up boom, early career launches, surveillance and easy availability of broadcast tools
- Hacktivism – extreme nationalism and anti-establishment sentiment across the globe
- Cyber-crime – growth fueled by digital currency
- Ransomware – Wannacry, a $100 billion industry
There needs to be a paradigm shift in the role of cybersecurity personnel where the focus is to protect manufacturing facilities and other company owned assets. This is important because cyber physical is becoming more rampant often violent and the intention is to steal data and then monetize it or freeze data on the hard disk and then monetize it.
The key takeaways from the meeting were:
- OT control systems are being connected to the internet or mobile devices, exposing them to risk they were never designed to protect against.
- A utility worker may set up a wireless access point at a transformer to connect to the company network, for example. This could happen in the case of a dam where the sluice gates can be opened remotely or in the case of a water utility, sewage can be mixed into the drinking water pipelines.
- Without the right security in place, such as encryption leaves this piece of grid infrastructure or utility system exposed.
- Industrial companies are also showing more willingness to disclose cyberattacks than a few years ago, which is generally considered good for raising awareness of cybercrime. The reality is that people are aware there is risk in that (control system) space and it is not necessary to spend a lot of time convincing people about risks involved.
- A malicious attack in a process controlled industrial establishment is the top “threat vector” of concern. The others are internal threats, external threats from hacking activists or nation states, and phishing scams.
- The equipment that are of most concern from attacks are computers and network gear that connect to controllers of industrial systems.
- Physical security on the periphery alone will not reduce the risks and an industry which uses OT control systems should have layered controls, an architecture where security and monitoring are embedded into all levels of a network, rather than only the perimeter. Keeping the systems updated will also improve security.
In support of our shared goal to promote an open, interoperable, secure, and reliable internet that fosters innovation and serves as a tool of economic and social development, AMCHAM members need to increase cooperation in the areas of cyber security, cyber defense, international security in cyberspace, be proactive on law enforcement responses to cybercrime and to strengthen our collaboration on cyber issues in relevant national and international fora. In Chennai, AMCHAM members are encouraged to share best practices amongst the Information Security Officers of member companies.