As the people with the CIO job, we are all aware that security is a big deal at our companies. However, just exactly how to secure the company is an issue that a lot of us are not 100% sure how to go about doing. Over at the Norway-based aluminum company, Norsk Hydro, they were recently the target of a ransomware attack and so they are highly aware of the dangers that they are facing. This awareness has caused them to start to take some actions that we could all learn a thing or two from…
The Challenges Faced By Norsk Hydro
Norsk Hydro suffered a ransomware attack a while ago. This attack resulted in some operations being brought down after a virus was able to gain access to the company’s IT network. In this case, the hackers were not able to compromise the company’s industrial equipment. However, an investigation after the attack revealed that they could have. Norsk Hydro determined that there were not enough of the proper security mechanisms in place to stop the attack if it had gone after the company’s equipment. The attack ended up costing the company US$72M.
Due to the attack, Norsk Hydro understood the importance of information technology and conducted an internal investigation that ended up revealing a number of IT security holes. Any one of these holes could have ended up allowing the virus to infect Norsk Hydro industrial equipment. It turns out that the problem was that the industrial equipment communicates with each other in ways that the Norsk Hydro security team didn’t know about. The result of this was that they were left vulnerable to outside attacks. It turns out that many people in the CIO position are actually in charge of two separate technology spaces at their company. One of these spaces supports email and the rest of the company’s routine business applications. The other supports operational equipment. Some pieces of this equipment are always running in order to perform critical functions or to process materials.
Where Norsk Hydro got surprised was when they discovered that some of the programmable logic controllers (PLCs) that manage their industrial equipment were connected to their IT network. They had thought that their PLCs were isolated and couldn’t get any commands from the company’s IT network. However, as a result of their investigation it turned out that there was a connection. What Norsk Hydro decided that they had to do was to set up additional lines of defense for their industrial equipment.
How Norsk Hydro Is Trying To Secure Their Future
So clearly the Norsk Hydro CIO has a significant security problem on his hands. What should he be doing? What Norsk Hydro has decided to do is to develop an Artificial Intelligence (AI) tool that will allow them to detect when hackers attempt to access their industrial equipment. The tool that they have designed will be on the lookout for unusual activity that could signal that the equipment is being hacked. Things to look out for include frequent password changes on equipment. If this type of event occurs, then the AI tool will trigger an alarm that will be received by Norsk Hydro’s cybersecurity team.
The reason that the AI tool was developed was to help Norsk Hydro find a way to shore up their security gaps. The tool identifies areas where industrial equipment may be exposed to hackers. Once these areas are known, they can be monitored for small changes over time. This is valuable because Norsk Hydro has discovered that their human analysts are unable to monitor the large amount of internet traffic that flows over the company’s networks every day. The AI tool has been configured to detect if multiple passwords changes have been attempted in a single week to the company’s programmable logic controllers. These devices are industrial computers that communicate with machines. The resetting of passwords is often an indication that hackers have taken over accounts.
More and more industrial companies like Norsk Hydro are turning to AI in order to help them prevent future cyberattacks. AI has the ability to step in and help to protect power plants, factories, and other components of critical infrastructure. These components of a company often lack basic safeguards such as encrypted devices that are often found on corporate networks. Using AI allows these companies to set up additional lines of defense against hackers. AI provides companies like Norsk Hydro with the tools that they need in order to identify suspicious activity early on.
What All Of This Means For You
CIOs are under assault. Hackers are constantly trying to break into their corporate networks. CIOs at industrial companies are discovering that their industrial equipment is also vulnerable to attacks from hackers. Norsk Hydro suffered a ransomware attack and then discovered how truly vulnerable they were. They are now taking steps to protect their company.
Things started to go bad for Norsk Hydro when they suffered a ransomware attack. Although the hackers were not able to get to their industrial equipment, an investigation showed that the hackers could have gotten to the industrial equipment. The industrial equipment was communicating with each other using pathways that the Norsk Hydro security team didn’t know about. It turned out that some of their programmable logic controllers (PLCs) that manage their industrial equipment were connected to their IT network. To deal with this problem, Norsk Hydro has decided to develop an AI based tool that will allow them to detect when hackers are trying to break into their network. The tool can monitor small changes made over time. The tool can process large amounts of information that would be too much for a human. More companies are starting to implement AI based threat detection tools in order to detect when hackers are trying to break in.
Keeping our networks secure is a full time job for a CIO. Over at Norsk Hydro they have learned their lesson after having been hit by a ransomware attack. They are now working to keep their industrial equipment separate from their IT networks. However, at the same time they are also starting to use AI tools to keep a lookout for hackers. We should all start to take the same steps. Our AI tools never sleep and they can tell us when unwanted visitors are trying to break into our networks.
– Dr. Jim Anderson
Blue Elephant Consulting –
Your Source For Real World IT Department Leadership Skills™
Question For You: What do you think is the best way for Norsk Hydro to test their AI cyberdefense tool?
Click here to get automatic updates when The Accidental Successful CIO Blog is updated.
P.S.: Free subscriptions to The Accidental Successful CIO Newsletter are now available. Learn what you need to know to do the job. Subscribe now: Click Here!
What We’ll Be Talking About Next Time
CIOs who think that BYOD (bring-your-own-device) is a fad that is starting to fade away are wrong. CIOs who think they can abandon the practice of creating BYOD polices risk upsetting an important and growing constituency of their workforce: millennials, who are also known as GenY. Attracting this type of worker has become a part of the importance of information technology.