US Power Grids, Oil and Gas Industries, and Risk of Hacking

A report released in June, from the security firm Dragos, describes a worrisome development by a hacker group named, “Xenotime” and at least two dangerous oil and gas intrusions and ongoing reconnaissance on United States power grids.

Multiple ICS (Industrial Control Sectors) sectors now face the XENOTIME threat; this means individual verticals – such as oil and gas, manufacturing, or electric – cannot ignore threats to other ICS entities because they are not specifically targeted.

The Dragos researchers have termed this threat proliferation as the world’s most dangerous cyberthreat since an event in 2017 where Xenotime had caused a serious operational outage at a crucial site in the Middle East. 

The fact that concerns cybersecurity experts the most is that this hacking attack was a malware that chose to target the facility safety processes (SIS – safety instrumentation system).

For example, when temperatures in a reactor increase to an unsafe level, an SIS will automatically start a cooling process or immediately close a valve to prevent a safety accident. The SIS safety stems are both hardware and software that combine to protect facilities from life threatening accidents.

At this point, no one is sure who is behind Xenotime. Russia has been connected to one of the critical infrastructure attacks in the Ukraine.  That attack was viewed to be the first hacker related power grid outage.

This is a “Cause for Concern” post that was published by Dragos on June 14, 2019. 

“While none of the electric utility targeting events has resulted in a known, successful intrusion into victim organizations to date, the persistent attempts, and expansion in scope is cause for definite concern. XENOTIME has successfully compromised several oil and gas environments which demonstrates its ability to do so in other verticals. Specifically, XENOTIME remains one of only four threats (along with ELECTRUM, Sandworm, and the entities responsible for Stuxnet) to execute a deliberate disruptive or destructive attack.

XENOTIME is the only known entity to specifically target safety instrumented systems (SIS) for disruptive or destructive purposes. Electric utility environments are significantly different from oil and gas operations in several aspects, but electric operations still have safety and protection equipment that could be targeted with similar tradecraft. XENOTIME expressing consistent, direct interest in electric utility operations is a cause for deep concern given this adversary’s willingness to compromise process safety – and thus integrity – to fulfill its mission.

XENOTIME’s expansion to another industry vertical is emblematic of an increasingly hostile industrial threat landscape. Most observed XENOTIME activity focuses on initial information gathering and access operations necessary for follow-on ICS intrusion operations. As seen in long-running state-sponsored intrusions into US, UK, and other electric infrastructure, entities are increasingly interested in the fundamentals of ICS operations and displaying all the hallmarks associated with information and access acquisition necessary to conduct future attacks. While Dragos sees no evidence at this time indicating that XENOTIME (or any other activity group, such as ELECTRUM or ALLANITE) is capable of executing a prolonged disruptive or destructive event on electric utility operations, observed activity strongly signals adversary interest in meeting the prerequisites for doing so.”

Wireless Networking in Industrial Plants

Wireless networking serves as the ideal alternative to high-cost industrial wiring. The setup also provides superior performance, solving the problem of electrical surges that result from field wiring.

Using a wireless system can result in an efficient supply of networking resources to field devices. The system facilitates an effective exchange of data between the host server and the field devices in the industrial setting.

Only a few industry-grade wireless field sensors have been offered so far in the year 2019. The reason for this is mainly a lack of information regarding its benefits. Once the cost-saving aspects of wireless networking become known in the industrial setting, it will likely spur the demand in the market and lead to an influx of innovative wireless devices for different field applications.

Benefits of Wireless Networking Systems in the Industrial Setting Explored 

Wireless technologies offer great value over wired solutions. A reduction in cost is just one of the many benefits of switching to the wireless networking system. There are many benefits, including enhanced management of legacy systems that were previously not possible with a wired networking connection.

Here is an overview of some of the value-added benefits of adopting wireless networking in industrial plants.

Reduced Installation Costs 

Savings in installation costs is the key benefit of a wireless networking system. The cost of installing a wireless solution is significantly lower as compared to its wired counterpart.

Installing a wireless network requires less planning. Extensive surveys are not required to route the wires to control rooms. This reduced installation cost is the main reason industrial setups should consider going wireless instead of having a wired networking system.

Improved Information Accuracy 

Adopting wireless networking also results in improved accuracy of information. The wireless system is not prone to interferences. As a result, the system ensures consistent and timely transfer of information from one node to another.

Enhanced Flexibility 

Enhanced flexibility is another reason for deploying wireless networking solutions in an industrial setting. Additional points can be awarded easily in an incremental manner. The wireless system can also integrate with legacy systems without any issues.

Operational Efficiencies

Migrating to wireless networking can help in improving operational efficiencies as well. Plant managers can troubleshoot and diagnose issues more easily. The system facilitates predictive maintenance by allowing the monitoring of remote assets.

Human Safety 

Another critical factor that should influence the decision to migrate to wireless networking is the human safety factor. Wireless technologies allow safer operations, reducing exposure to harmful environments. For instance, a wireless system can be used in taking a reading and adjusting valves without having to go to the problematic area to take measurements.

Efficient Information Transfer

Another advantage is that the time required to reach a device is reduced. This results in a more efficient transfer of information between network segments that are geographically separated. The industry wireless networking standards use IP addresses to allow remote access to data from field devices.

With wireless networking systems, readings can be taken more frequently that can help in early detection and reduction of possible incidents.

Wireless Networking Standards for Industrial Plants

The ISO100 standards committee has introduced a whole set of new standards for wireless communication in industries. The first standards include the ISA100.11 that pertains to processing data transfer while fulfilling limited control needs in the industries.

Hybrid architecture using WirelessHART mesh networking coupled
with ultra-efficient BLE Instrument Area Networks.
Image courtesy of Foxboro Schneider Electric.

ANSI and ISA have adopted the ISA100.11a standards for wireless communication in process industries. However, the standard has yet to pass through the international IEC standardization. This is due to the fact that ISA100.11a and IEC’s WirelessHART standards address the same market.

Technical Basis 

ISA100.11a is based on IEEE 802.15.4:2006 standard, similar to WirelessHART with 15 to 16 channels in the ISM band 2.4GHz range. However, the former can be used for a wider networking application in the industrial sector such as peer-to-peer messaging and network segmentation.

Distinct Hopping Patterns

Each segment in the network may use a distinct hopping pattern, unlike the WirelessHART. Moreover, the network segment has a dedicated time slot that results in the formation of large networks with overlapping segments.

Mesh Networking 

Another important point to note is that the ISA1001.11a wireless networking standard for industrial process makes use of mesh networking, which is similar to WirelessHART. However, the standard also allows devices at the network’s edge to not route information to different devices. This results in increased security that prevents unauthorized access to networks.

While not being technically different, the details of the two standards set them apart. However, the IS100.12 is already in development, and it will reduce the divergence in specifications between WirelessHART and ISA100.11a.

Challenges in Adopting Industrial Wireless Networking

Industrial wireless communication technology is a work in progress. A lot of work is required to address specific technical challenges for adopting the networking solution. Some of the challenges include evaluation and communication of the wireless technologies that are available for industrial concerns.

Another challenge in the adoption of wireless technology is solving the issues of latency or time synchronization. This is important to ensure the reliability of data transferred in the industrial setting.

Based on the challenges identified, here are three key suggestions for implementing wireless technology in the industrial setting.

• Create a science-based methodology for measuring the performance of wireless communication
• Create guidelines for the deployment of wireless networking in an industrial environment
• Address issues of latency in systems with high-reliability aspects with error rates less than 10 percent

Key Takeaway

Wireless networking is an enabling technology that can result in improved operational efficiency in the industrial systems. The technology can improve control and safety and lead to enhanced cost savings.

Adoption of the wireless networking system creates huge potential for increased operational efficiencies. The system can reduce installation cost, enable enhanced monitoring, reduce risks, and improve profitability.

For more information on industrial wireless networking, contact Swanson Flo by calling 800-288-7926 or by visiting https://swansonflo.com.