December 19, 2021 1:55 p.m.
By Chris Connell, Managing Director for Asia Pacific at Kaspersky
Industrial Control Systems (ICS) demand specific approaches to cybersecurity due to their complex structure, connected devices with different capabilities, software and operating systems, and critical functions. And this isn’t just a theory.
Something as common as a gas station has all the attributes of an ICS, such as connected equipment including pumps and tanks, controllers, a management system, a payment system, as well as connection to the corporate network, third-party service systems, and the internet. Just like any industrial facility, it has cybersecurity issues that companies should consider, to avoid disruptions that may affect the business, its employees, and the general public. This happened recently when gas stations in Iran were shut down because of a targeted attack.
This look through an ICS infrastructure is based on our research carried out at the end of 2020. It included the analysis of a modern gas station’s automation software architecture, a typical infrastructure, and the communications inside it. This allowed us to classify potential attack vectors and their impact on the fuel station’s network.
At a gas station
Imagine you’re driving your car and you need to fill it. You stop at a gas station, put the dispenser in the tank, and go to the convenience store to pay for the fuel. Once inside, the fresh coffee smells nice, you take some snacks for the road, complete your purchase and return to your vehicle.
To deliver the fuel to your tank, several systems should work: the back-office system and point of sales are used for payments and management functions. They are connected to the forecourt controller (FCC). This is the area with pumps outside the convenience store where customers park their cars to fill up. It is equipped with many systems such as a pump control, an automatic tank gauge (ATG), payment systems, etc. The FCC is the main device that controls fuel distribution, so when you pay through a cashier, the FCC commands the pump to supply it to your car so you can continue your journey.
Information about operations, the amount of fuel sold and available is transmitted to the management system locally and then to a head office that accumulates information from all stations.
Where are the problems?
Through our research, we managed to classify what could go wrong in this process. There are several potential operational technology (OT) and IT security issues that can affect the work of the station.
The first group of risks involves potential remote access from external networks. Just like many industrial systems today, the gas station employs solutions that are connected to public services through the internet, these include cloud banking systems or specialised fleet management systems. Remote access to the fuel station allows further malicious actions inside the network.
This was a real case described in one of Kaspersky’s studies. At the gas station, fuel management software was used to track the amount stored, set the price, and process payments. The system was connected to the internet and had vulnerabilities that allowed remote admin access with the ability to even change the fuel price.
There are also suppliers and service companies that have access to some parts of the infrastructure. Compromising these third parties may open doors to the target system for attackers. In fact, this type of threat is of great concern for companies of any size profile: a third (32%) of large organizations suffered attacks involving data shared with suppliers. What’s more, the financial impact of such incidents on enterprises is the highest across all types of attacks in 2021.
Another set of risks involves network and device issues that may potentially lead to the disruption of fuel station services or direct financial impact. Attacks can come from remote networks or by connecting to wireless networks or wired network ports available onsite.
Then, if the network is not segmented, the attack can spread from entry points such as secondary equipment in a shop and office workstations to critical components such as fuel management controls. The usage of unencrypted protocols (HTTP, CDP, FTP, Telnet, etc.) in the gas station network may allow adversaries to disclose sensitive information for further attack development.
Another critical but evergreen problem is vulnerabilities or security flaws in the fuel controller, POS terminals, and network equipment, as well as corporate endpoints and applications. In 2015, 5,800 automatic tank gauges (ATGs) were found to be exposed to unauthorized access from the internet because of a lack of password protection on a serial port. ATG is an electronic component placed in the tank that monitors the level of fuel and checks if it is leaking fluid. And through this serial port, the ATG can be programmed. If the signal it transfers is not correct, the operator won’t get an alert about any deviation. Figures from 2015 also suggested that at the time, most systems were in gas stations in the US and represented 3% of those used in the country. By compromising such critical systems as automatic tank gauges, criminals can unlock options for fraud or even physical damage.
It is also important to verify all workstations used on the forecourt such as points of sale, back-office systems, fuel controllers or payment terminals, as well as their configuration and even access to USB ports. For example, a lack of encryption or incompliancy to the PCI DSS standard in a payment system can contribute to the risk of an attack. For a fuel controller, it is also important to check industrial protocols. Lack of source authentication or integrity control may give adversaries, performing a man-in-the-middle attack, the opportunity to intercept data and manipulate station controllers.
Another point to manage is wireless gateways and reader units. A security assessment should be performed to identify insecure industrial protocols, the possibility of jamming and spoofing attacks.
How to improve
There are major security measures that should help increase the overall level of operational technology infrastructure. It is applicable to fuel stations but is no less relevant to any industrial network.
Network security: Purpose-based network segmentation enhances overall security and minimizes the surface of a possible attack. The segment of the network that has access to untrusted parts of it, such as corporate IT, should also be separated and protected with appropriate enterprise-grade protection software.
Passive OT network monitoring is essential for asset and communication inventory and detection of intrusions before they affect the technological process. Monitoring data also helps IT security teams to analyze events and consider hardening measures.
Access control: This should include restricting physical and logical access to the automation and control system. Security measures for remote access control for service companies will help to avoid third-party incidents.
Endpoint protection: It is important to implement specialized industrial-grade security software for OT hosts and servers. Ensure that the software is approved by the automation vendor and compatible with its solutions. This should help to avoid a situation where the protection product affects operation functions.
Security management: A system for centralized security event collection and protection software policy management should be implemented. It is also important that the solution allows vulnerability and patch management. If the system can be integrated with Security Information and Event Management (SIEM), that is a ‘nice to have’ option for organizations that plan to upgrade their protection level. Real-time continuous monitoring and endpoint data collection with rules-based response and analysis capabilities will help to further improve protection from advanced attacks.
A more fundamental approach that involves long-term measures is also important to improve the overall cybersecurity posture. This means adhering to industry standards for information security controls such as IEC 62443, NIST, NERC CIP, and so on. The organization should also conduct penetration testing or security analysis regularly, to identify vulnerabilities and information security problems before they are exploited by someone. And then, of course, follow all recommended measures to fix them properly.
Going deeper, there are specific requirements for companies with different levels of protection. But the measures listed above are essential to fill most cybersecurity gaps. Be it a fuel station, refinery, or giant car manufacturer, the basic principles of OT and IT protection should allow the company to build a reliable cybersecurity system and develop it according to their needs. This will provide a great foundation for satisfied business owners and happy clients.
LG honored with multiple awards for Innovative Product Design at IDEA 2023
September 4, 2023 3:11 p.m.
LG Electronics (LG) has once again been recognized for outstanding product design, earning 13 awards at the International Design Excellence Awards (IDEA) 2023, announced at the International Design Conference in New York, New York.
The LG PuriCare AeroTower, an air purifier that can also be used as a side table and mood lamp, was honored with a Bronze Award at yesterday’s conference. Offering personalized performance and design options, as well as a compact form factor, LG’s air purifier can be tailored to match any home interior and is ideal for smaller spaces. With its latest win, the LG PuriCare AeroTower has now been recognized by all three of the world’s top industrial design award programs: IDEA, the Red Dot Award and iF Design Award.
Another IDEA 2023 honoree, the LG OLED Flex (model LX3) is an innovative TV featuring the world’s first bendable 42-inch OLED screen. The LX3, which made its international debut at IFA last year, offers a new level of screen customizability – its self-lit display able to go from completely flat to spectacularly curved with the push of a button.
“The achievement from this year’s IDEA is the result of the synergy between customer experience-centered technology and aesthetics,” said Hwang Sung-gyul, head of the Design Management Center at LG Electronics. “We will continue to improve the level of perfection by reflecting innovative customer experiences beyond the existing framework in product design by constantly communicating and empathizing with customers.”
Organized annually by the Industrial Designers Society of America (IDSA), IDEA is one of the world’s leading design award programs, recognizing exceptional achievements in the area of industrial design while taking into consideration various factors relating to design strategy, digital interaction, the environment, and social impact, when selecting award recipients.
Life’s about more than having the latest technology, rather, it’s about the experiences technology creates that impact our lives. LG Electronics Philippines delivers consumer electronics through top-of-the-line home entertainment appliances that prepare Filipinos for their greatest moments. LG promises to bring “Innovation for a Better Life” nationwide – from Luzon, to Visayas, and Mindanao. LG products are available via lg.com/ph and through its flagship stores in Lazada and Shopee. For more information, visit and follow their social media channels on Facebook, Instagram, Tiktok and Youtube (@lgphilippines).
TCL AAT Inverter+ Refrigerators take lead to healthier lifestyle
July 10, 2023 4:33 p.m.
TCL, the leading consumer electronics brand and the world’s top two TV brand, launches their latest Free Build-In refrigerator that is highlighted by three defining features based on TCL’s advanced technology and elevated design.
Just in time for this month’s celebration of Nutrition month, TCL introduces the newest Refrigerator line up that reflects TCL’s dedication to delivering cutting-edge home technology at reasonable prices while enabling users to live healthier, more environmentally friendly, and more practical lives.
Introducing TCL’s Flagship Smart Fridge with Health and Energy-Saving Benefits
TCL’s AAT Inverter+ is set to be the best accessible high-tech top-mount refrigerator on the market and a great example of the powerful functionality featured across the TCL Refrigerator lineup.
With Filipino families becoming more health conscious than ever before, TCL AAT Inverter+’s Healthy Fresh functions are equipped with smart functions to keep your food chilled at the right temperature and ensure it stays fresher for longer, with the innovative Multi Air flow system, AI radar, and the Automatic Anion-releasing Technology (AAT) .
Speaking of better care of health, TCL’s AAT Inverter + also puts emphasis on its care for the planet. Its Twin Eco Inverter provides the perfect cooling environment for food, which not only enables long-lasting freshness but also saves energy and money. The Twin Eco Inverter also provides a steady temperature inside the refrigerator which inhibits the growth of ice, a process known as Total No Frost. Food remains frost-free so there is no need for manual defrost and no danger of food sticking to the walls of the refrigerator or being frozen when placed towards the back.
Lastly, the Easy-Using features give the user experience a premium feel, with little adaptations to make life more convenient, such as large storage space, Twist Ice Maker to freeze, unmold and store ice cubes with a simple gesture.
The TCL’s Varied Refrigerator Range Suited for Every Filipino Family
Aside from TCL AAT Inverter+, TCL has an extensive range of refrigerators to suit every Filipino family’s needs. The TCL FreshPro Direct Cool+ line is an accessible but highly functionable range, with precise temperature control allowing for accurate cooling to ensure optimum conditions to preserve freshness. TCL FreshPro Direct Cool+ Refrigerators are designed to be running at low noise thanks to innovative compressors, ensuring you are never disturbed by humming or buzzing, and soft LED lighting offers excellent illumination of the fridge contents whilst saving on energy consumption.
Regarding the energy saving aspect, like the TCL AAT Inverter+, The TCL FreshPro AAT Inverter Max collection also comes with a Twin Eco Inverter, which allows accurate temperature control whilst reducing energy consumption and noise for a quieter and more environmentally friendly option. What’s amazing is that the TCL FreshPro AAT Inverter Max range comes equipped with powerful cooling functions – with just a press of one button, the Power Cool increases the cooling rate to chill your drinks and food rapidly whilst the Power Freeze further enhances the cooling effect to freeze food and ice. The Max Space feature allows families to customize storage within the fridge to suit their requirements, with daily items organized to be easily accessible whilst optimizing the space available allowing the ability to stock up on family favorites.
Discover TCL’s range of refrigerators to suit every consumer’s requirements, rolling out across retailers in the Philippines this month.
Huawei’s Sabrina Meng: Embracing 5G transformation
June 28, 20237:30 p.m.
SHANGHAI — At the opening day of MWC Shanghai 2023 today, Sabrina Meng, Huawei’s Rotating Chairwoman and CFO, gave a keynote titled “Embracing 5G transformation”.
“5G has been in commercial use around the world for four years now. It’s driving new value creation, and 5.5G is the next step forward,” said Meng. “Science and technology are moving towards large, complex systems. This requires matching technology to specific scenarios and performing systems engineering, in order to pave the way for 5G’s ongoing success.”
5G is creating value along three different fronts
Science fiction can only sketch the future. But science and technology can turn imagination into reality.
5G has been in commercial use for four years now. Across all industries and countless households around the world, it’s changing the way we work and live, creating tremendous economic, industrial, and social value.
For consumers, 5G, cloud, and AI have set off a chain reaction, creating an environment where all buyers can also be sellers.
For industries, 5G has become a new driver of productivity. There’s greater alignment than ever between technology suppliers, their partners, and customers on where 5G can provide the most value. Strategic patience, in-depth understanding of industrial scenarios, and ongoing improvements to ROI have given 5G a foothold in industrial applications.
Moving ahead, 5G will give rise to new devices and applications that deliver a more immersive experience, like 5G New Calling and naked-eye 3D. 5G is also ushering in a new era of super-connectivity between things, bringing new strength to IoT networks and driving new forms of productivity.
5.5G is the next step forward for 5G. 5.5G will feature 10-gigabit downlink speeds, gigabit uplink speeds, the ability to support 100 billion connections, and native AI. It will not only connect people better – it will also create incredible new business opportunities with more targeted support for industrial needs in domains like IoT, sensing, and advanced manufacturing.
Taking 5G to the next level and paving the way for ongoing success
The ladder to success isn’t built on ongoing progress with a single technology. It’s built on matching technology to specific scenarios and real-world needs. And systems engineering is key to taking the next step up.
The commercial deployment of 5G has created a growing appetite for more groundbreaking, leapfrog innovation. So what will take 5G to the next level, and how will it provide greater value in different vertical markets?
This will require finding the right technology for different scenarios and performing more comprehensive systems engineering. This will also require diving deeper into industrial scenarios, truly understanding customers’ pain points, and adopting a more holistic systems engineering mindset.
The industry needs to work more closely together both up and down the value chain – with peers and partners, customers and developers – on solution modeling and optimization, as well as tools and methodologies. The industry also needs to pave the way for ongoing success throughout the entire product lifecycle, from R&D and procurement, to supply and marketing.
Building up integrated capabilities and exploring the future of communications
The digital infrastructure of the future intelligent world will be deeply integrated into every aspect of people’s lives, industry, and society. It won’t be based on advancements in individual technologies, but rather on incredibly massive, complex systems – the convergence of multiple elements. It’s going to require systems-level thinking and design.
When watching a chess game, you can see the big picture. But when you’re playing chess, you focus on the details. Likewise, systematic capabilities to integrate technology and transform management are critical for the future success of 5G.
Meng spoke about two specific types of integrated capabilities. “The first is integrating different technologies. We can achieve greater synergy across cloud, networks, edge, and devices through systematic design and cross-domain innovation. When coupled with optimization across software, hardware, chips, and algorithms, we can address the challenges associated with developing complex solutions for vastly different industrial scenarios.”
“The second,” she continued, “is the ability to integrate different approaches to management. Digital and intelligent transformation is not just about technology itself. It’s more about transforming your approach to management. Going digital requires redefining the relationships between people, events, things, and theory, and adopting a more open, forward-looking management approach to address future challenges.”
Meng concluded: “Information technologies like 5G, 5.5G, AI, and cloud will help us rise with the tide and take us forward to an intelligent world. The best scenery is always ahead. Let’s create a bright future together.”
In the Philippines, the three major telecommunications service providers have rolled out 5G networks nationwide to offer better network services and optimize the potential of innovative technology.