
Protecting critical infrastructure intrusions with device-level protection

By Yanir Laubshtein
April 21, 2021

Rapid technological change, accelerated by the pandemic and now ingrained in our daily lives, has led us to become increasingly dependent on connected devices within critical infrastructures, as exhibited by the proliferation of smart meters, sensors, industrial controllers, and other “smart” products. As utilities, governments, and other critical infrastructure operators embrace the efficiencies of an expanded IoT and add ever more connected devices to their networks, they simultaneously increase the attack surface available to malicious cyberthreats. This creates risk, and recent attacks on SolarWinds, the Oldsmar, Florida water treatment plant, and SITA have proven that bad actors are only growing bolder and more sophisticated in their attempts to intrude on and manipulate critical infrastructure functionality.

Critical infrastructures must balance the utility of expanding their network of connected devices with the threats posed by bad actors. Managing the risk emerging from these threats will require an understanding of the specific style of threats posed, as well as how to counter them.

The Nature of Critical Infrastructure Threats

One form of attack that is increasingly used against critical infrastructures is the Advanced Persistent Threat (APT). In an APT attack, an unauthorized user gains a lasting presence in a system or device, and because the attack is permanent in the device, a simple restart will not necessarily rid the device of it. This persistence allows an attacker to cause more damage over a longer period of time.

This is what happened in the SolarWinds breach, as hackers infiltrated the supply chain to insert a backdoor into the product, which then allowed the hackers access to every system that downloaded the compromised packages. This intrusion was missed by traditional threat identification processes because the hackers randomized their behavior to avoid triggering indicator of compromise (IOC) sweeps.

To avoid being the next SolarWinds, critical infrastructures will need to reimagine their security protocols from an inside-out philosophy that trusts actors within a set perimeter to a “Zero Trust” approach that requires authorization for all changes, no matter whether they are internal, external, or along the supply chain. As APT attacks are not going to stop coming, the objective is less about stopping threats from happening and more about detecting threats, preventing them from actually doing any damage, and collecting forensic data for advanced analytics. This begins at the device level, as device integrity is crucial to critical infrastructures yet is difficult to ensure. This is especially true for battery-operated devices with limited energy availability, processing power, and memory footprints.

Cybersecurity Measures Stakeholders Need to Take

While there is a need for security at all three levels of connected systems – the device, network, and system levels – for bad actors targeting enterprise infrastructures, a single point of entry is sometimes all it takes. As the IoT expands and critical infrastructures add more and more connected devices to their network, these devices will be exposed to both internal and external threats, some of which may be unaddressed by the critical infrastructure’s existing protection capabilities. These threats can arise along the supply chain or even from within a network itself.

As their network grows, critical infrastructures must ensure that each device they roll out is itself impermeable, a guarantee they can only make by introducing device-level security that protects connected edge devices like smart meters from all attack vectors throughout installation, implementation, maintenance, and upgrading. One way of doing this is to introduce a solution with a hardwired gatekeeper embedded into the device. This will provide passive prevention against outsider, insider, and supply chain APT threats, block unauthorized manipulation by automatically rejecting all changes unauthenticated by a trusted server, and allow for secure remote updating. This in turn will prevent persistence, which occurs when the attacker has a permanent hold within the device, allowing them to manipulate it and even seize control from the device owner.
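The gatekeeper behaviour described above can be modelled in a few lines. This is an added example, not code from the article or from any vendor: it assumes a per-device key shared with the trusted server, an HMAC-SHA256 tag over each write, and a monotonic counter against replay, and the names `FlashGatekeeper` and `authorise` are hypothetical.

```python
import hashlib
import hmac
import struct

def authorise(key, device_id, counter, offset, data):
    """Trusted-server side: MAC binding one write to one device, counter and offset."""
    header = device_id + struct.pack(">QI", counter, offset)
    msg = header + hashlib.sha256(data).digest()
    return hmac.new(key, msg, hashlib.sha256).digest()

class FlashGatekeeper:
    """Model of a write gate in front of a device's protected flash region."""

    def __init__(self, device_id, key, image):
        self.device_id = device_id
        self._key = key          # assumption: per-device key provisioned at manufacture
        self._counter = 0        # highest counter accepted so far (anti-replay)
        self.flash = bytearray(image)
        self.rejections = []     # (reason, counter, offset) kept for forensics

    def _reject(self, reason, counter, offset):
        self.rejections.append((reason, counter, offset))
        return False

    def write(self, counter, offset, data, tag=b""):
        """Apply a change only if the server authorised exactly this write."""
        if not self._counter < counter < 2**64:
            return self._reject("stale-counter", counter, offset)
        if not 0 <= offset <= len(self.flash) - len(data):
            return self._reject("out-of-range", counter, offset)
        expected = authorise(self._key, self.device_id, counter, offset, data)
        if not hmac.compare_digest(tag, expected):
            return self._reject("unauthenticated", counter, offset)
        self.flash[offset:offset + len(data)] = data
        self._counter = counter
        return True

def demo():
    key, dev = b"\x11" * 32, b"METER-0001"    # constructed sample values
    gate = FlashGatekeeper(dev, key, b"\x00" * 16)
    patch = b"\xAA\xBB"
    tag = authorise(key, dev, 1, 4, patch)
    results = [
        gate.write(1, 4, patch, tag),   # update authorised by the server
        gate.write(1, 4, patch, tag),   # captured command replayed
        gate.write(2, 0, b"\xFF"),      # local write with no tag at all
        gate.write(2, 8, patch, tag),   # valid tag reused for another offset
    ]
    return results, bytes(gate.flash), [r[0] for r in gate.rejections]
```

Only the first write changes the flash image; the three refused attempts are recorded in `rejections`, which is the forensic data the article says should be collected.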

Improving critical infrastructure security is an ongoing process that requires recognizing and addressing potential weaknesses. An approach that is anything short of Zero Trust fails to recognize that insider threats are a possibility, and security that lacks device-level protection fails to address the vulnerability of these devices. In other words, to improve security, trust no one and protect everything.

Who Needs to Adopt these Solutions?

Deploying a “Zero Trust” approach by implementing device-level protection in each connected device on a critical infrastructure is a smart next step in defending against malicious manipulation, no matter if you are a utility, an industrial manufacturer, or a municipality. However, as we saw with the Oldsmar, Fla. water treatment plant hack, the critical infrastructure systems for smaller cities are particularly easy targets because local governments are often overworked and understaffed.

These departments are often overlooked because there are few positive indicators of successful performance: the absence or prevention of cyberattacks will never lead the nightly news, so lawmakers can be reluctant to improve cybersecurity funding if they believe what they currently have works fine. The problem is that cybersecurity is an arms race, so if you are standing still, you are losing ground. Small cities must take a long look at their systems to see what protections are in place. Do they know every third-party vendor they partner with? Do they know their own security protocols? Assessing critical infrastructures to find and address weak points is a task all critical infrastructures should be constantly performing, because if they are not doing it, bad actors certainly will.

KEYWORDS: critical infrastructure cyber security information security risk management


Yanir Laubshtein is VP, Cybersecurity & Industry, at NanoLock Security, where he brings over 20 years of experience working in the cybersecurity industry in various roles both for the government and private sectors, including his most recent at PwC’s Cybersecurity & Privacy Impact Center. There he served as the OT/ICS Security Lead in the company’s ICS/OT Centre of excellence, guiding the ICS/OT service offerings of the center to enable and support governments and organizations with protecting their critical infrastructures. Prior to joining PwC, Yanir led two strategic government projects in Israel, managing the Cybersecurity Operations on behalf of the Ministry of Energy and the Water & Sewage Authority and subsequently designing and managing the development of Israel's National C-SOC for Critical Infrastructures. Earlier in his career, Yanir served for over 10 years in a range of Israeli Government Security positions, both in the defensive and the offensive cyber arenas.
