Midstream oil and gas companies have digitized and fully connect their systems to increase efficiency. Unfortunately, this shift towards digitization increases the risk of a serious security breach unless companies act to protect their connected systems. In the meantime, some companies regard cyber attacks as threats only to "other" companies and therefore do not feel compelled to increase their cybersecurity protection with an appropriate sense of urgency.
The pipeline industry, in particular, is exposed to significant risks given its technological landscape and the stakes – including human, environmental and economic security – in the event of an IT attack.
Recently, innovative blockchain technology has been implemented to protect distributed systems as conduits, change the face of IT protection and create a new opportunity to continue improving efficiency while increasing protection for critical infrastructures.
Why computer vulnerability?
Sensors, pressure regulators and measuring devices are distributed along the length of the pipelines, as well as at the entry and exit points. This has created a sophisticated digital system that spans the United States and communicates across a wide range of networks, from high-bandwidth Wi-Fi to low-bandwidth, covering significant distances. This interconnected system creates a large area of attack for cyber security, an inviting opportunity for hackers. Pipeline control, measurement systems and other connected devices are in danger of a variety attack which, given the connectivity, will no longer be isolated.
Halfway between oil and gas, ransomware attacks pose a particular threat. Hackers can claim to have compromised pressure controllers, threatening spills or explosions and demanding that the ransom be paid by the pipeline owner or operator in exchange for minor damage.
Other risks, such as data tampering or data theft, are not direct but can be just as harmful. Furthermore, many systems that generate data do not have passwords or only have simple passwords, left unchanged indefinitely. It combines poorly protected devices and controllers with widespread connectivity driven by the desire of operators to access data for control or visibility and the door is open to cyber attacks.
Within digital pipeline systems, if a hacker can penetrate (which can take only a few seconds) and compromise a component, he is often able to use the compromised component to launch additional attacks on other devices at the same time. internal system. Since devices within a network tend to "trust" one another electronically, once a component is contaminated, the infection can spread widely and quickly. Distributed by nature, pipelines are vulnerable to physical attacks in a myriad of locations or, even if a single LAN or device is not well protected, at the digital attack.
How do industries protect themselves from these hacks? Some owners and operators of pipelines have adopted "air gapping" or data diodes, completely separating pipeline control systems from all external networks. Unfortunately, technological mobility is a threat to air-gapped networks. Technicians and other staff regularly connect transient devices – laptops, smartphones, iPads, USB drives – that may already be compromised, to networks that connect industrial control systems, limiting the possibility of separation. With the increase in data sharing and connection, air gaping or recourse to data diodes is not only obsolete, but is at most a porous barrier that creates a false sense of security for the user. pipeline company.
Hackers cause real damage
It is impossible to fully understand the cause and extent of the damage currently faced by pipeline companies through cyber-actors. However, in recent years, several pipeline incidents indicate the possible involvement of hackers, including:
In addition, the following incidents provide examples of how dangerous these systems can be when compromised:
If hackers are responsible or not, these are graphical reminders of what can happen if systems are compromised and hackers take control.
Blockchain: the Game-Changer
The innovation Blockchain offers hope for a more securely connected Internet of Things (IoT). Blockchain is a unique cybernetic security approach, as it is distributed by its nature and gains strength by adding more devices into a network.
Blockchain does not rely on individual components within a network to be completely secure. Instead, the components communicate internally and reach a consensus on the acceptable and unacceptable activity of the device. Within blockchain-protected networks, if attackers want to compromise a system, they can not simply jeopardize some sub-components; they must instead compromise most or all system nodes to sabotage the system as a whole.
In a network that uses blockchain security, stealing a password will not give access to hackers because the password can be protected by blockchain through the nodes of a system. In fact, a password is subdivided into small bits and widely dispersed among different components. Therefore, to access a device or instrumentation it is necessary that the majority of the nodes be in agreement. This makes the successful hacks of blockbuster-protected industrial IoT networks a virtually gigantic challenge.
To improve security, pipeline owners and operators can also encrypt data and enter encryption keys in the blockchain. Consequently, access to data is only possible if most of the participants agree that the device or application requesting the data is a legitimate owner of sensitive information. In addition, data can be moved and processed at the company's preferred location to prevent data from being exposed or armed.
Blockchain allows owners and operators to collect data from the pipelines in a cohesive manner, combine them and perform analyzes to better understand maintenance and other internal processes. Blockchain is also able to replicate information in an approved and secure manner. This makes it the ideal intermediary for corporate headquarters and control centers and, of course, among the pipeline equipment itself.
Policies such as defining which technicians can access which equipment are centrally defined and then the blockchain replication spreads information about the entire field and the entire pipeline architecture, so that policies can be applied locally to the pipeline . Even if connectivity is lost, the local blockchain nodes continue to determine who can and can not access devices based on the centrally defined policy.
Finally, once the nodes have reached their decision to access a network that uses blockchain security, authorized users are not dependent on any single database to help retrieve information regardless of the severity of a disaster. A loss of nodes in the field will not compromise the nodes in the corporate offices when adequate security is protected by blockchain.
Study topic
A vertically integrated pipeline company, relatively inefficient in IT security, has had problems accessing unaddressed key data. The company was executing a sophisticated application of predictive maintenance analysis on its adjacent pipelines and equipment. This meant that access to the validity of data and data was essential. As a distributed product, the analysis application was collecting data from about two thousand points before centralizing and processing them.
The company switched to blockchain-protected data access for its data collection points and central processing system. To avoid data tampering, the data was encrypted and assigned to the hash at the source. While corporate performed analysis using cryptographic keys to prevent data theft, the security system automatically checked the data hashes to eliminate the risk of data tampering. In other words, the blockchain ledger took the hashes generated and committed to the blockchain at the source and compared them with the data that were processed centrally, allowing the team to determine if there had been tampering, while controlling access. to data via cryptographic keys that were also stored in the blockchain.
A conventional protection system for two thousand gas sensors in the field is not adequate. Without a managed identity system and instead simply with a user name / password set manually on each sensor, the system is vulnerable to compromising any of the two thousand measurement points via a compromised or stolen password. The use of blockchain allowed the operator to pass on the use of all identities managed with complex passwords hidden from users and hidden and tamper-proof in the blockchain. After the new implementation, users were able to access the data fabric using their personal identities without having to know the password of each individual device and the data fabric was completely protected by blockchain. Access was based on centrally established policies by the pipeline company, giving the company a safer and more fully automated approach to security.
perspective
Although blockchain is a fairly new technology, due to its ability to solve distributed information problems, its prospects in the pipeline sector are strong.
The blockchain implementation has a greater impact when you group the blockchain solution with the overall software security solution. It is not necessary for pipeline personnel to become proficient in the internal operations of the blockchain because the tool works under authentication and identity management, password control, accesses, logging and data replication.
Blockchain security is the best solution to protect the industrial IoT, in particular oil and gas, allowing a reinvention of IT protection and providing a new platform for optimized operational performance.
Duncan Greatwood is CEO of Silicon Valley's Xage Security (www.xage.com).