A Modern Threat

A Modern Threat

Utilities require state-of-the-art surveillance tools

  • By Michael Shipley
  • Dec 01, 2021

Whether it is water, electricity, gas, oil or even telecommunications and transportation hubs, critical infrastructure facilities present unique challenges for security professionals. Threats against city utilities in North America have never been as diverse or real as they are today and ensuring the security for these vital backbones of a country's infrastructure is important.

Cyber Security Threats
Beyond physical attacks, combating cyber security threats and natural disasters also present an ongoing challenge for utility providers. Multi-billion-dollar economic losses are no longer the hypothetical scenario of an attack, but are relevant for short-term regional outages. Bad actors know that such facilities can give them maximum attention and as such, consider them prime targets.

The recent cyber-attack that forced a temporary shutdown of the Colonial pipeline, one of the largest in the United States, serves as a stark reminder of how damaging and ever-present such threats can be. Likewise, an earlier cyber-attack in Florida that sought to compromise a water treatment plant saw hackers exploit remote access software and compromise credentials. This might have been a classic case of human error with a single shared password, but it is up to security professionals to protect people from themselves regarding enforcement best practices and using techniques such as multi-factor authentication.

With technological development and the increasing popularity of ‘smart connected infrastructure’ comes the inclusion of networks that connect grids, pipelines and other critical infrastructure with multiple operators and databases, maximizing the potential number of entry points vulnerable to cyber-attacks. Utilities are at higher risk, since large numbers of attempted attacks occur every day.

Standards and Compliance
Because utilities are part of the critical infrastructure mix, they have strict regulations that must adhered to regarding security, with strict penalties and fines for any organization found out of compliance. As an example, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) are both involved in overseeing new standards that specifically address the physical and cyber security of all control centers, stations and substations throughout the country.

This can include compliance with specific standards such as the NERC CIP (Critical Infrastructure Protection) for electrical utilities. These standards specify how electrical utilities are to monitor access points, protect cyber-security assets and monitor the perimeter.

In particular, NERC’s CIP 014-2 and CIP Version 7 standards have the industry taking a closer look at security operations at facilities near and far. The CIP 014-2 standard calls all responsible electricity entities to identify their critical facilities, evaluate the security risks and vulnerabilities to those identified facilities, and implement measures to mitigate the risk of physical attack.

While CIP Version 7 is more oriented towards cyber-attacks, risk mitigation often involves physically securing substations and stations where Supervisory Control and Data Acquisition Systems (SCADA), and relevant servers and network switches are housed. Under these NERC standards, electrical service providers are required to meet phased mandates, each with penalty-subjected deadlines. Other utilities may have similar regulations with which to comply.

Cybersecurity
Any poorly protected IoT device represents an opportunity for a hacker to exploit the device and potentially gain access to an organization’s internal protected network. Since IP-based cameras, the VMS, NVRs and supporting infrastructure all communicate over the network, it is critical that the security system not be an entry point for cyber-attacks.

It is vital to have confidence in the security of each device on the network. With cameras, it is important to know as much as possible about the manufacturing process and the supply chain regarding the sourcing of internal components. What chipset is used, where was it made and who made it? Is it an OEM or white label product versus an actual manufacturer-developed and designed product?

There are important factors that can have an impact the underlying security of a device. IT professionals can do their best to secure the network, but, if they don’t know what’s going on inside the device, those efforts could be wasted. Utilities should ensure that cameras are NDAA (National Defense Authorization Act) compliant with well-established cybersecurity features such as secure boot, a trusted platform module and decryption keys that block nefarious code from being uploaded.

Perimeter Security
Depending on the type of utility, the perimeters can be large and may be in remote areas where network bandwidth may be limited. The challenge of protecting such utilities is complex and often requires multiple and varied solutions. Security measures require balance against efficiency and convenience for daily staff and shift changes, while contractors, especially those who travel to unstaffed areas of a site, may require temporary authorizations.

The perimeter consists of video and thermal surveillance cameras, motion sensors and lasers. Most cameras can deliver solid performance in daylight. It is more difficult for cameras when the light disappears. IR light is one answer, but most IR lights have a fixed distance of illumination and can make it difficult to discern details when color is lost. It is possible to choose cameras with extreme low-light sensitivity that can still provide reliable color information.

Cameras with a wide dynamic range (WDR of 120-150dB is ideal) that can consistently reproduce detail from shadows even in high-contrast lighting conditions are a necessity for many deployments. Frames per second (fps) can affect WDR performance, so it’s important to find a balance between fps and lighting requirements to deliver the WDR required without sacrificing smooth motion capture. AI-based algorithms can also reduce image noise by identifying object motion and reducing blur in low light environments. As camera resolutions go up, so does the required bandwidth to carry those images to a recorder, viewer or VMS.

Efficient codecs such as Hanwha’s Wisestream II compression technology and H.265 are used to transmit high quality images over 4G or LTE connections while minimizing infrastructure costs. Thermal cameras provide excellent long-distance perimeter coverage, especially in low light conditions and bad weather. To maximize coverage, multi-sensor cameras can be deployed which deliver multiple high-resolution images using a single PoE connection.

The ability for security systems to automatically hand-off positional data to long-range, vari-focal infrared PTZ cameras with auto-tracking can deliver usable video at distances of 1600 feet, even at 0 LUX. AI-based technology has made significant inroads by being able to detect objects and focus maximum video quality on detected objects in a scene while scaling back encoding on the rest of the scene.

AI-based analytics can significantly reduce false alarms along perimeters and within a facility with object detection, which never throws an alert for an animal or for wind-blown objects or shadows. That coupled with its ability to quickly produce results during forensic search, makes it a technology that should be an integral part of any utility security solution.

Infrastructure
Protecting the security of utilities and critical infrastructure sites has never been more important in our ever-changing world. Threats against utilities are on the rise and the IoT connected world has given hackers and terrorists new entry points to exploit to their advantage.

To safeguard these types of facilities, both physical and cybersecurity practices protections must be upgraded to keep pace with evolving threats. Staying compliant with federal regulations not only ensures better protection, but it also avoids penalties and fees. Thankfully, the technology to protect utilities is also evolving in the form of high-resolution AI-based cameras and state-of-the-art cybersecurity features that make it harder than ever for bad actors to cause damage.

This article originally appeared in the November / December 2021 issue of Security Today.

Featured

  • Survey: 60 Percent of Organizations Using AI in IT Infrastructure

    Netwrix, a cybersecurity provider focused on data and identity threats, today announced the release of its annual global 2025 Cybersecurity Trends Report based on a global survey of 2,150 IT and security professionals from 121 countries. It reveals that 60% of organizations are already using artificial intelligence (AI) in their IT infrastructure and 30% are considering implementing AI. Read Now

  • New Research Reveals Global Video Surveillance Industry Perspectives on AI

    Axis Communications, the global industry leader in video surveillance, has released its latest research report, ‘The State of AI in Video Surveillance,’ which explores global industry perspectives on the use of AI in the security industry and beyond. The report reveals current attitudes on AI technologies thanks to in-depth interviews with AI experts from Axis’ global network and a comprehensive survey of more than 5,800 respondents, including distributors, channel partners, and end customers across 68 countries. The resulting insights cover AI integration and the opportunities and challenges that exist with regard to security, safety, business intelligence, and operational efficiency. Read Now

  • SIA Urges Tariff Relief for Security Industry Products

    Today, the Security Industry Association has sent a letter to U.S. Trade Representative Jamieson Greer and U.S. Secretary of Commerce Howard Lutnick requesting relief from tariffs for security industry products and asking that the Trump administration formulate a process that allows companies to apply for product-specific exemptions. The security industry is an important segment of the U.S. economy, contributing over $430 billion in total economic impact and supporting over 2.1 million jobs. Read Now

  • Report Shows Cybercriminals Continue Pivot to Stealthier Tactics

    IBM recently released the 2025 X-Force Threat Intelligence Index highlighting that cybercriminals continued to pivot to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises declined. IBM X-Force observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied heavily on to scale identity attacks. Read Now

  • 2025 Security LeadHER Conference Program Announced

    ASIS International and the Security Industry Association (SIA) – the leading membership associations for the security industry – have announced details for the 2025 Security LeadHER conference, a special event dedicated to advancing, connecting and empowering women in the security profession. The third annual Security LeadHER conference will be held Monday, June 9 – Tuesday, June 10, 2025, at the Detroit Marriott Renaissance Center in Detroit, Michigan. This carefully crafted program represents a comprehensive professional development opportunity for women in security this year. To view the full lineup at this year’s event, please visit securityleadher.org. Read Now

    • Industry Events
Most   Popular

New Products

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.

  • ComNet CNGE6FX2TX4PoE

    The ComNet cost-efficient CNGE6FX2TX4PoE is a six-port switch that offers four Gbps TX ports that support the IEEE802.3at standard and provide up to 30 watts of PoE to PDs. It also has a dedicated FX/TX combination port as well as a single FX SFP to act as an additional port or an uplink port, giving the user additional options in managing network traffic. The CNGE6FX2TX4PoE is designed for use in unconditioned environments and typically used in perimeter surveillance.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.