Israel’s national Water Authority has engaged local OT company Siga to strengthen its cyber defences following a 2020 attack.
The water sector is coming under increasing focus from the security point of view. Several cases have been reported in the United States, most recently in California and Florida with, in both cases stolen logins being used to try to modify water treatment programmes.
These follow a similar occurrence last year in Israel, reportedly attributed to come from Iran, with the apparent goal of raising the level of chlorine in the water supply by changing the logic of the programmable logic controller without raising an alarm.
In the wake of this attack, the Water Authority decided to strengthen its cyber defences, with SIGA OT Solutions providing its SigaGuard system to counter cyber threats to its machinery and equipment.
SigaGuard also deals with ransomware attacks on critical infrastructure and its algorithms can provide insights for predictive maintenance and performance management.
Amir Samoiloff, co-founder and CEO of SIGA, points out that the hacker’s actual attack surface on water utilities is limited, and the company’s solution is focussed on level 0 monitoring, where the sensors and actuators of the water infrastructure are located.
“Water utilities are at the forefront of global cyber-attacks. But utilities have minimal tolerance for downtime in service and no utility would agree to a hacker deciding whether its infrastructure will operate or not.”
The implementation of SigaGuard, together with the Security Operations Centre (SOC) service provider Cysol Networks, follows a pilot that tested the connection of several of the country’s regional water and sewage utilities with the newly established SOC for defending against cyber attacks.
The level 0 operational information layer is considered most suitable for water utility defences as it is not subject to external manipulations. SigaGuard monitors the electrical signals of the water treatment process and leverages advanced AI engines and machine learning to detect anomalies in the process behaviour and gain direct visibility into the OT process.
According to a June 2021 US Water Sector Coordinating Council survey, over 16% of the almost 600 respondents reported having an IT cybersecurity incident and 5% an OT cybersecurity incident in the past twelve months, while around a further 15% were not sure for both.