The Counter-Intuitive Path to Cyber-Secure Infrastructure

Svet Bajlekov, Co-founder and CEO, AMMP Technologies | June 2021
It's hard to miss the increasingly frequent and ferocious cyber-attacks on our infrastructure. To save me compiling yet another run-down of recent events, here's the opening of a recent CNN piece on the topic:
"A major gas pipeline, the world's largest meat supplier, a ferry system, the New York subway system and most recently a software company whose products are used by numerous other businesses. They've all been targeted by cybercriminals in just the past few months. And on Wednesday [the ransomware attack on Kaseya] breached as many as 1,500 businesses around the world in what might be the biggest ransomware attack on record, experts say."
Though less widely covered in the press, the energy sector is also under increasing attack. Here's PCMag a few weeks earlier:
"An unidentified power company was the target of a 'probing' cyberattack last month, according to the Department of Energy. The cyber incident occurred on March 5 in California, Utah, and Wyoming, and it involved a 'denial of service condition' that caused 'interruptions of electrical system operations,' the filing says."
Attacks on infrastructure aren't new – here's the NYT reporting on an attack on a Florida water plant from earlier this year:
"On Friday, a hacker gained access to the water treatment plant in Oldsmar, a city of 15,000 in the Tampa Bay area. The intruder was in and out of the system in less than five minutes, but in that time, they attempted to increase the levels of lye — sodium hydroxide — in the water supply by a factor of more than 100."
The Problem with Air-Gapped Systems
What might be less obvious is that while attacks on infrastructure increase in frequency and sophistication, our defenses haven't kept up. In fact, the conventional wisdom around securing infrastructure may be part of the problem.
The traditional approach to securing operational technology (OT) systems has been to "air gap" them – physically isolate them from the internet and external networks. The logic is intuitive: if a system isn't connected to the internet, it can't be attacked from the internet.
But this approach has significant drawbacks in practice:
- Software remains outdated: Air-gapped systems rarely receive security updates, leaving known vulnerabilities unpatched for years
- Hidden connections: "Air-gapped" systems often have undocumented connections – via USB drives, maintenance laptops, or poorly configured networks
- No visibility: Isolated systems can't be centrally monitored, making it harder to detect when something goes wrong
- Legacy dependencies: Many OT systems run on legacy operating systems (like Windows XP) that are no longer supported with security updates
As the NYT noted about the Florida water plant attack:
"Municipalities are often the worst culprits when it comes to keeping their industrial networks up-to-date. Forget about exotic hackers like Russia or China: Buggy software left unpatched for years can be more dangerous."
The Counter-Intuitive Solution: SaaS
Here's where things get counter-intuitive. A well-designed, cloud-based SaaS platform can actually be more secure than an air-gapped on-premise system. Here's why:
- Continuous updates: SaaS platforms are continuously updated with the latest security patches, often within hours of vulnerabilities being discovered
- Professional security teams: SaaS providers have dedicated security teams that most utilities and industrial operators can't afford to maintain in-house
- Central monitoring: Cloud platforms enable sophisticated threat detection and monitoring across all connected systems
- Zero Trust architecture: Modern SaaS platforms implement Zero Trust principles – every request is authenticated and authorized, regardless of where it originates
- Regular audits: Reputable SaaS providers undergo regular third-party security audits (like SOC 2, ISO 27001)
Zero Trust: Security for the Real World
The Zero Trust model assumes that threats exist both inside and outside the network. Rather than creating a perimeter and trusting everything inside it, Zero Trust requires:
- Verification of every user, device, and connection
- Least-privilege access – users get only the access they need
- Continuous monitoring and logging
- Encryption of data both in transit and at rest
This approach is particularly well-suited to distributed energy systems, where assets are spread across multiple locations and need to be accessed by various stakeholders – from operators to investors to grid managers.
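To make the principles above concrete for the multi-stakeholder, multi-site setting just described, here is an added illustration (not code from AMMP or its platform) of a per-request authorization check: every call re-verifies the credential, the caller's site scope, the role's least-privilege action set and the device posture, and every decision is logged whether allowed or denied. The roles, actions, site names and the `managed_device` claim are constructed for the example.

```python
from dataclasses import dataclass
import time

# Least-privilege policy (constructed): role -> actions it may perform on a site
# it is explicitly scoped to. Investors only read; operators may also change
# setpoints; grid managers may read and request curtailment, but not set setpoints.
ROLE_ACTIONS = {
    "operator":     {"read_telemetry", "set_setpoint"},
    "investor":     {"read_telemetry"},
    "grid_manager": {"read_telemetry", "request_curtailment"},
}
# Actions that change plant behaviour additionally require a managed device.
PRIVILEGED_ACTIONS = {"set_setpoint", "request_curtailment"}

@dataclass
class Principal:
    user: str
    role: str
    sites: frozenset        # sites this identity is scoped to (hypothetical ids)
    token_expiry: float     # unix time; short-lived credential, re-checked per call
    managed_device: bool    # device-posture claim presented by the client

@dataclass
class Decision:
    allowed: bool
    reason: str

AUDIT_LOG = []  # every decision is recorded, allowed or not (continuous logging)

def authorize(p: Principal, action: str, site: str, now: float = None) -> Decision:
    """Evaluate a single request. Nothing is trusted by network location:
    identity, scope, role and device posture are all checked on every call."""
    now = time.time() if now is None else now
    if now >= p.token_expiry:
        d = Decision(False, "credential expired")
    elif site not in p.sites:
        d = Decision(False, f"{p.user} not scoped to site {site}")
    elif action not in ROLE_ACTIONS.get(p.role, set()):
        d = Decision(False, f"role {p.role} may not {action}")
    elif action in PRIVILEGED_ACTIONS and not p.managed_device:
        d = Decision(False, "privileged action requires managed device")
    else:
        d = Decision(True, "ok")
    AUDIT_LOG.append({"t": now, "user": p.user, "action": action,
                      "site": site, "allowed": d.allowed, "reason": d.reason})
    return d
```

The order of checks matters: an expired credential is rejected before any scope or role logic runs, so a stale token never reaches the policy layer.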
The Bottom Line
The threat landscape has evolved, and our security strategies need to evolve with it. The counter-intuitive truth is that trying to hide behind air gaps and isolation often leaves systems more vulnerable, not less.
A modern, well-architected SaaS platform with Zero Trust principles can provide better security than most organizations can achieve on their own – while also enabling the connectivity and visibility that distributed energy systems need to operate effectively.
At AMMP, we've built our platform with security as a foundational principle, not an afterthought. We continue to invest in security infrastructure and certifications (including ISO 27001) because we believe that trustworthy data security is essential for the energy transition.
Ready to get started?
See how AMMP OS can help you monitor and optimise your renewable energy portfolio.