On Friday, February 5, a hacker breached the computers at the water treatment plant for Oldsmar, Florida, and tried to poison the city’s 15,000 inhabitants by dumping a large amount of sodium hydroxide – commonly used to unblock drains – into its drinking supply.
Fortunately, the duty operator noticed his mouse was moving around the screen, clicking on commands that controlled the chemicals in the water. At first, he assumed it was a supervisor using remote access to troubleshoot a problem. Then he noticed it had increased the sodium hydroxide level from about 100 parts per million to 11,100 parts per million. As soon as the hacker released control a couple of minutes later, the operator reversed the command and alerted his superiors.
His quick action prevented “a significant and potentially dangerous increase,” said Sheriff Bob Gualtieri, the local police chief, who called in the FBI. It was not immediately clear who had hacked Oldsmar’s water treatment plant, or even where they were located, Gualtieri said.
“Public drinking water systems, like other public utility systems, are part of the nation’s critical infrastructure and can be vulnerable targets,” he said, calling on officials nationwide to check their public utilities’ protection.
Florida’s Senator Marco Rubio was more blunt. “This should be treated as a matter of national security,” he tweeted.
As water, electricity and other critical infrastructure systems are increasingly connected to remote management software and the internet, they become more vulnerable. Hackers have shut down electric networks, traffic systems and even hospitals.
The Internet of Things – connected devices that can be controlled remotely, including home heating systems, garage doors and residential security alarms and cameras – improve quality of life but leave us exposed. Last December, the FBI warned that hackers are hijacking residential security and other IoT devices, allowing them inside our homes. “Recently, offenders have been using victims’ smart devices, including video and audio capable home surveillance devices,” the FBI said.
Security technology developed by Israel-based startup NanoLock Security to protect connected devices from such attacks is winning plaudits and clients.
“We act as a gatekeeper,” said NanoLock co-founder and CEO Eran Fine.
“As dependency on digital and critical infrastructure has risen, so has the level of the attacks.”
NanoLock’s customers include utility companies, industrial facilities and device manufacturers in Israel, Japan, India, the United States and Europe. The company works with Genus Power, the largest maker of smart meters in India; Micron Technology, which produces flash memory drives and data storage; and the operations center of Atlantica Digital, which develops and manages millions of smart meters and IT infrastructure across Europe.
The company specializes in protecting connected devices used for water and electricity infrastructure, and industrial operations. Data breaches and hacks can have significant consequences, ranging from inaccurate utility billing to power failures and even threats to lives, as could have happened in Florida.
The Internet of Things is particularly challenging. Each device connected to one’s wifi or network can allow access for hackers – but securing them can drive up the cost.
“Security is essential for reliable IoT operations. Malfunctioning or compromised IoT devices, whether malicious or accidental, can pose significant risks to consumers, businesses, and societies,” say market analysts Frost & Sullivan, assessing the fast-growing IoT cybersecurity market.
Many of the world’s 30 billion internet-connected devices – whether medical sensors, water treatment equipment, or smart kitchen appliances – are vulnerable to data breaches. Securing them can be difficult because they can be small with limited computing power and were not built with security in mind. But attacks can have far-reaching consequences. In the last year they have caused power outages in India and disruptions at manufacturing plants globally.
“NanoLock offers a highly innovative solution for IoT and connected devices security that can be used across literally any industry vertical to protect against the most advanced cybersecurity threats,” writes Frost & Sullivan analyst Vikrant Gandhi in a glowing review. “The company has carved a niche for itself in IoT security and is likely to continue to grow by offering highly effective, easy to use cybersecurity implementations with a clear focus on enhancing the value delivery for end customers. Customer wins and strategic partnership agreements with tier-I entities in the smart energy, water utilities, industrial and critical infrastructure space clearly validate the effectiveness of NanoLock’s implementations.”
NanoLock’s protection is embedded inside connected devices, protecting their memory systems and data from tampering and disruption, even if the device is physically in the hands of hackers or other unrecognized users. The system specializes in stopping advanced persistent threats – when malicious players establish a long-term presence that goes undetected until they strike.
“It’s something that lurks inside your systems, your devices, your infrastructure, just waiting to come out and create havoc, and this is what we are trying to solve,” Fine said.
The solution protects the entire chain of data, from the device itself to the storage cloud or data center. It works on everything from high-powered routers to simple battery-powered devices, and can be built into new devices, or added to older devices. It requires almost no computing power, and is designed to stop attacks before they occur instead of simply flagging and reporting suspicious activity after it happens.
“Detection is a great way to say the horse has left the stable,” Fine said. “But the attack already happened.”
NanoLock can also stop attacks from insiders, or those improperly using their access for malicious reasons. With more utility companies, medical systems and large factories using connected devices, the number of employees or vendors with access is growing, increasing concern about insider attacks.
“We make sure that every command which is impacting the performance of the device is signed properly, or meets the requirements for approved actions by approved users, no matter who they are,” he said. “We apply a zero trust approach.”
NanoLock operates in the background, requiring almost no action from those using the system.
“It’s passive protection,” Fine said.
Analysts expect the company to continue growing as the number of internet-connected devices rapidly increases, doubling to about 60 billion worldwide by 2020, partly boosted by the rollout of faster 5G networks.
With so much at stake, innovative solutions are required, Fine said.
“The majority of companies focus on network and back end protection, but that’s not good enough because you leave the devices unprotected,” he said. “We have a technological advantage, and we solve unique and large problems that others can’t. That’s our differentiation.”
For more information about NanoLock Security, click HERE.
Illustrations by Elior Doani