Taking Operations Offline: Not Without Risk, But Effective

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) stated that Russia orchestrated a cyber intrusion of the business network of a nuclear power plant in Kansas. Russia targeted a number of electric, water, and power plants in the U.S., including the Kansas nuclear power plant. The Wolf Creek Nuclear Operating Corp. in Burlington, Kansas provides power to approximately 800,000 homes.

Cybersecurity experts see these attacks as a sign that Russia is seeking to be able to disrupt critical facilities in the U.S. The article stated that Russia is capable of sabotaging and shutting down American power plants.

A Wolf Creek spokesperson stated that "safety and control systems for the reactor and other vital plant components" are not connected to the network or the internet and therefore were never at risk in the attack. The analog system cannot be hacked remotely.

According to a spokesperson for the Nuclear Energy Institute, all power plants operate on isolated networks that are not connected to the internet.

Source: Max Londberg, "Russia infiltrated Kansas nuclear plant's business network, FBI and DHS say," kansascity.com (Mar. 16, 2018).

Commentary

Taking data offline is one of the best means for preserving it.

Cybercriminals can physically hack networks that are not connected to the internet. However, doing so is far more difficult, costly, and time-intensive than hacking something remotely over an internet connection.

It is important to always back up essential data to a storage device that is not connected to the network or the internet. If a criminal infects your system with ransomware, this backup is essential to continuing operations.

Particularly sensitive databases should also be stored offline, and networks for critical services should be kept off the internet, if possible. If your operations allow it, have employees access private information or perform critical tasks from a workplace computer that is not connected to the internet.

Of course, with employees working remotely and the need to share information with multiple devices, keeping information and operations offline is often not an option. In that case, you must protect your network and accounts as completely as possible. 

Secure all internet connections, networks, and devices with strong, unique passwords. Install the latest cybersecurity software and other protections. Give access only to employees who need it. Require employees to use a secure, encrypted connection when accessing the network remotely.
