Shocked Florida residents recently discovered that a hacker got into the computers regulating the Pinellas County water supply and increased the levels of sodium hydroxide. The increased toxicity level was quickly spotted and reversed by staff, ensuring public safety. Still, it’s a scary story that highlights the potential vulnerabilities of public utilities to cyberattacks, and the possible consequences for public health.
These days most utility company systems are run by computers, and they’re also online 24/7 so that they can be managed by remote operators. This can open the door to cyberattacks. Huge amounts of money have been invested in cybersecurity to ensure that these systems are tamper-proof, but even a single incident could be lethal and create fear among consumers. The Florida incident illustrates just how crucial strong cybersecurity is for us all.
Since the COVID-19 outbreak began in early 2020 more and more people have been working online from home, to help contain the pandemic. In many businesses and other operations, staff on-site have been replaced by remote workers. There’s also been a rise in the use of automation, such as AI (artificial intelligence) and machine learning, to monitor critical IT systems and operations. This sometimes means that staff are grappling with new tools and ways of working, which can leave a small gap for hackers and cybercriminals to infiltrate systems and evade speedy detection.
The Ponemon Institute recently reported that criminals attacking utilities are getting smarter and more effective. Across the fields of electricity, water treatment and solar, wind and gas energy, more than half of utilities managers (54%) were expecting at least one attack in 2021. Any cyberattack could potentially trigger a major event and perhaps a serious public health problem. The prospect is clearly extremely disconcerting for society as a whole.
Utility companies are extremely aware to the need to protect infrastructure, which is why premises are usually secured by fences, razor wire and guards. Measures to protect against cyberattacks are comparable to those taken by other enterprises. It consists of learning from past mistakes and any security gaps they exposed, raising the vigilance level and innovation in the tools used to protect their systems.
You may be aware of some of these security solutions, since they are also used by businesses and large corporations. Integrated AI that actively searches for and identifies threats can be very helpful. The advantage of AI is the amazing speed at which it can analyse data and identify problems that may be the act of saboteurs.
The Internet of Things is also a factor to consider here. Although it’s true that some internet-connected household appliances can be a security weakness, this isn’t necessarily the case. Utility companies have been rolling out smart meter installations so they can better modulate the distribution of water and electricity. The problems that could arise with smart meters were identified at the beginning and a great deal of effort has been invested in making sure that these systems are secure and keep the hackers out.
The importance of protecting our utilities is obvious, but it’s just one example of how serious the social consequences of cybercrime can be in a worst-case scenario. What do you think? Should the public subsidize the cybersecurity of utility companies, in the interests of public health? What should be done? Let us know in the comments section.
Comments are closed.