Connect with us

TECHNOLOGY

Gas stations and beyond: Why cybersecurity is a top priority for industrial infrastructure

December 19, 2021 1:55 p.m.

By Chris Connell, Managing Director for Asia Pacific at Kaspersky

Industrial Control Systems (ICS) demand specific approaches to cybersecurity due to their complex structure, connected devices with different capabilities, software and operating systems, and critical functions. And this isn’t just a theory. 

Something as common as a gas station has all the attributes of an ICS, such as connected equipment including pumps and tanks, controllers, a management system, a payment system, as well as connection to the corporate network, third-party service systems, and the internet. Just like any industrial facility, it has cybersecurity issues that companies should consider, to avoid disruptions that may affect the business, its employees, and the general public. This happened recently when gas stations in Iran were shut down because of a targeted attack. 

This look through an ICS infrastructure is based on our research carried out at the end of 2020. It included the analysis of a modern gas station’s automation software architecture, a typical infrastructure, and the communications inside it. This allowed us to classify potential attack vectors and their impact on the fuel station’s network. 

At a gas station

Imagine you’re driving your car and you need to fill it. You stop at a gas station, put the dispenser in the tank, and go to the convenience store to pay for the fuel. Once inside, the fresh coffee smells nice, you take some snacks for the road, complete your purchase and return to your vehicle.

To deliver the fuel to your tank, several systems should work: the back-office system and point of sales are used for payments and management functions. They are connected to the forecourt controller (FCC). This is the area with pumps outside the convenience store where customers park their cars to fill up. It is equipped with many systems such as a pump control, an automatic tank gauge (ATG), payment systems, etc. The FCC is the main device that controls fuel distribution, so when you pay through a cashier, the FCC commands the pump to supply it to your car so you can continue your journey. 

Information about operations, the amount of fuel sold and available is transmitted to the management system locally and then to a head office that accumulates information from all stations. 

Where are the problems? 

Through our research, we managed to classify what could go wrong in this process. There are several potential operational technology (OT) and IT security issues that can affect the work of the station. 

The first group of risks involves potential remote access from external networks. Just like many industrial systems today, the gas station employs solutions that are connected to public services through the internet, these include cloud banking systems or specialised fleet management systems. Remote access to the fuel station allows further malicious actions inside the network. 

This was a real case described in one of Kaspersky’s studies. At the gas station, fuel management software was used to track the amount stored, set the price, and process payments. The system was connected to the internet and had vulnerabilities that allowed remote admin access with the ability to even change the fuel price. 

There are also suppliers and service companies that have access to some parts of the infrastructure. Compromising these third parties may open doors to the target system for attackers. In fact, this type of threat is of great concern for companies of any size profile: a third (32%) of large organizations suffered attacks involving data shared with suppliers. What’s more, the financial impact of such incidents on enterprises is the highest across all types of attacks in 2021. 

Another set of risks involves network and device issues that may potentially lead to the disruption of fuel station services or direct financial impact. Attacks can come from remote networks or by connecting to wireless networks or wired network ports available onsite. 

Then, if the network is not segmented, the attack can spread from entry points such as secondary equipment in a shop and office workstations to critical components such as fuel management controls. The usage of unencrypted protocols (HTTP, CDP, FTP, Telnet, etc.) in the gas station network may allow adversaries to disclose sensitive information for further attack development. 

Another critical but evergreen problem is vulnerabilities or security flaws in the fuel controller, POS terminals, and network equipment, as well as corporate endpoints and applications. In 2015, 5,800 automatic tank gauges (ATGs) were found to be exposed to unauthorized access from the internet because of a lack of password protection on a serial port. ATG is an electronic component placed in the tank that monitors the level of fuel and checks if it is leaking fluid. And through this serial port, the ATG can be programmed. If the signal it transfers is not correct, the operator won’t get an alert about any deviation. Figures from 2015 also suggested that at the time, most systems were in gas stations in the US and represented 3% of those used in the country. By compromising such critical systems as automatic tank gauges, criminals can unlock options for fraud or even physical damage. 

It is also important to verify all workstations used on the forecourt such as points of sale, back-office systems, fuel controllers or payment terminals, as well as their configuration and even access to USB ports. For example, a lack of encryption or incompliancy to the PCI DSS standard in a payment system can contribute to the risk of an attack. For a fuel controller, it is also important to check industrial protocols. Lack of source authentication or integrity control may give adversaries, performing a man-in-the-middle attack, the opportunity to intercept data and manipulate station controllers. 

Another point to manage is wireless gateways and reader units. A security assessment should be performed to identify insecure industrial protocols, the possibility of jamming and spoofing attacks. 

How to improve

There are major security measures that should help increase the overall level of operational technology infrastructure. It is applicable to fuel stations but is no less relevant to any industrial network. 

Network security: Purpose-based network segmentation enhances overall security and minimizes the surface of a possible attack. The segment of the network that has access to untrusted parts of it, such as corporate IT, should also be separated and protected with appropriate enterprise-grade protection software. 

Passive OT network monitoring is essential for asset and communication inventory and detection of intrusions before they affect the technological process. Monitoring data also helps IT security teams to analyze events and consider hardening measures. 

Access control: This should include restricting physical and logical access to the automation and control system. Security measures for remote access control for service companies will help to avoid third-party incidents. 

Endpoint protection: It is important to implement specialized industrial-grade security software for OT hosts and servers. Ensure that the software is approved by the automation vendor and compatible with its solutions. This should help to avoid a situation where the protection product affects operation functions. 

Security management: A system for centralized security event collection and protection software policy management should be implemented. It is also important that the solution allows vulnerability and patch management. If the system can be integrated with Security Information and Event Management (SIEM), that is a ‘nice to have’ option for organizations that plan to upgrade their protection level. Real-time continuous monitoring and endpoint data collection with rules-based response and analysis capabilities will help to further improve protection from advanced attacks. 

A more fundamental approach that involves long-term measures is also important to improve the overall cybersecurity posture. This means adhering to industry standards for information security controls such as IEC 62443, NIST, NERC CIP, and so on. The organization should also conduct penetration testing or security analysis regularly, to identify vulnerabilities and information security problems before they are exploited by someone. And then, of course, follow all recommended measures to fix them properly. 

Going deeper, there are specific requirements for companies with different levels of protection. But the measures listed above are essential to fill most cybersecurity gaps. Be it a fuel station, refinery, or giant car manufacturer, the basic principles of OT and IT protection should allow the company to build a reliable cybersecurity system and develop it according to their needs. This will provide a great foundation for satisfied business owners and happy clients. 

TECHNOLOGY

Infinit Care powers mental health in workplace with technology

June 28, 2022 8:12 p.m.

Members of the media were gathered last June 24, to talk about workplace mental health and how Infinit Care is pioneering a tech-based solution that allows companies to support the mental wellbeing of employees.

Workplace Mental Health

Mental health issues are on the rise, especially among the working population and it’s severely affecting overall health and productivity.

The World Health Organization found that mental illness is prevalent in the Philippines. In fact, it is the third most common disability in the country. The National Center for Mental Health also recorded a 500% increase in monthly hotline calls due to depression during the pandemic.

Companies have tried to answer this plight by providing mental health support whether in-house or through a 3rd party provider.

However, a lot of the options in the market focus on delivering solutions that cater to those who are already in crisis and leave out a significant part of the population.

Studies also show that despite increases in stress and burnout, utilization for mental health benefits remain low due to the lack of access to proper mental health solutions and the persistent stigma around talking about mental health struggles.

A Pioneer in Mental Health Tech

Infinit Care partners with businesses and organizations to provide their employees and community with comprehensive mental health support.

“Our platform of care solutions are founded on The Mental Health Continuum which takes into account a wide range of mental health states so that every employee can receive customized support, no matter what they’re going through, wherever and however they need it,” explained Infinit Care Marketing Head, Paola Silva. 

“Everyone needs different kinds of care at different times. We work with companies who care deeply about the mental wellbeing of their employees and understand that mental health is just as important as physical health. We help companies bring the best out of their people by providing personalized mental health support.” said Infinit Care’s Head of Clinical Care, Shyne Mangulabnan.

Infinit Care is the only provider in the Philippines that can provide multi-channel mental health support.

Available via web and mobile app (iOS and Android), Infinit Care can meet the varying needs of all employees.

Our suite of solutions include 24/7 chat support with real live Care Chat Coaches who commit to an average response time of 5 minutes, a team of qualified licensed counselors and coaches available for virtual counseling or coaching at your convenience, a library of mental health tools and content to meet the varying needs of your workforce, and mental health training and capacity building workshops for the leaders and entire organization.

For more information on Infinit Care, visit https://www.infinitcare.co

Continue Reading

TECHNOLOGY

3 ways to build a sustainable, digital Asia-Pacific

June 21, 2022 9:38 p.m.

By Baifeng Lin

Many countries in the Asia-pacific have released digitalization strategies. Cloud Computing technologies are the cornerstone of the digital frontier. For digital economies to thrive they must adopt an open and green ecosystem.

The last two years have been a series of trials. Out of the changes, there has been increasing attention in the digital world and rekindled vigor in how people, businesses and organizations should adapt.

As one of the most populous and diverse regions in the world, the Asia-Pacific is set to be the fast growing economy at the forefront of the global digital landscape. It represents two-thirds of the world’s population, and would reap an economic dividend of more than 1.7 trillion annually.

Mckinsey notes that COVID-19 has accelerated digital transformation by seven years globally and 10 years in Asia Pacific.

To catch up with this sweeping trend, many countries have released national digitalization strategies. For example, Singapore released its Smart Nation 2025 blueprint, Indonesia and Malaysia released strategies to Go Digital, Bangladesh released its Digital Bangladesh blueprint, and Thailand announced its vision to become a digital Hub in ASEAN.

From a technological point of view, the future of Asia-Pacific will require a digital economy underpinned by leading Information and Communications technology solutions and an open and green industry ecosystem is needed as soil for innovation.

And finally, we will need to chart an effective course that addresses gaps in equality to normalize the playing field.

  1. Build ICT Infrastructure for digital economy

ICT has already proven its value in accelerating economic recovery post-pandemic. Connectivity and computing are the lifeblood of the digital frontier. While connectivity  continues to bridge the digital divide offering new education and employment opportunities, enterprises look to the cloud, connectivity and AI to optimize their businesses.

However, the digital readiness of the region varies greatly. For example, China is stepping into data dividend and information dividend, and Southeast Asia is still under the peak phase of demographic dividend. In China, 5G has been widely covered across the country and the penetration rate is more than 40% -100+Mbps, fiber home pass rate is over 90%. However, the large-scale use of 5G has only started in some SEA countries. In SEA, 4G mobile coverage is slightly above 50%, and fiber broadband only reaches one third of households. Cloud penetration in SEA enterprises is less than 20%, which indicates a huge space for data monetization and industry digitalization.

Regarding 5G technology, it is already emerging as a game changer in key industry sectors. For example, Siriraj Hospital, the largest hospital in Thailand on the frontline in the fight against COVID-19, launched the first 5G smart hospital in the ASEAN region featuring smart logistics, 5G Ambulance and smart inventory management.

According to professor Dr. Prasit Watanapa, Dean of Faculty of Medicine Siriraj Hospital, Mahidol University, “the 5G smart hospital project will be a new model for modern medical facilities, 5G provides the high-speed connections needed to ensure seamless transfer of patient data and operation of telemedicine equipment”.

In some remote areas with limited access to 5G, digital infrastructure is playing an even more important role. The Bangladesh government has made great efforts and progress in implementing network in over 2,600 townships and enabling social well-being service including e-government and finance.

In Malaysia, known as “the kingdom of spices”, HEXA Food established an Internet of Things team to train a chili identification model on Cloud MOdelArts. The image recognition technology of Atlas 500 quickly and accurately identifies the quality of the chilies. Intelligent AI-powered sorting eliminates errors in manual sorting and improves the efficiency by 50%.

  • Create an open and green ecosystem

Meanwhile, every country, business and individual has faced some common questions recently — how to survive and develop with resilience and robustness in an environment full of uncertainties? The booming digital economy and low carbonization will generate new business form, new production relationships, and new value distribution systems. A healthier and greener industry ecosystem is therefore required.

First, embracing a digital Asia-Pacific will make an open and collaborative ICT ecosystem will include government, partners, operators and users and will help shape opportunities for transformation in different industries. A good example would be the joint open lab in Singapore. All companies, academics and government agencies can use the lab, where they can have access to cutting-edge robotic solutions, intelligent digital twins, and Ai development kits for research.

Secondly, moving towards carbon neutrality, digital power technologies will be essential to enable energy digitalization for a greener future. In Thailand, smart photovoltaic rooftops are being installed in over 1,200 convenience stores. This is expected to reduce carbon dioxide emissions for more than 1,300 tons every year. By integrating Ai and Clod in PV for optimal power generation, this makes the solar power plant to highly efficient, safe and reliable and builds the foundation for the solar to become the main energy source.

  • Chart a sustainable and inclusive course

Simultaneously, we need to be aware that half the world doesn’t have internet access. In Asia-Pacific, according to the APNIC Foundation, the total internet adoption rate in the region remains below half of the total population at 48.4%. By 2023, it’s estimated this will increase to 72% (3.1Billion users), leaving more than a quarter of the region’s population still disconnected.

That’s simply untenable in an increasingly digital world as people can’t be empowered by technology if they don’t know how to use it. Service like mobile payments, government services, access to digital education and healthcare should all act as gateways to anyone and help underserved communities, including women, girls and older generations.

Take education for example, the ability to learn knowledge regardless of location has helped democratize education resource access. In the Philippines, PLDT-Smart Foundation worked with the tech company to promote the School-in-Bag project. Each backpack includes a laptop for the teacher, 20 tablets and a Smart LTE pocket Wi-Fi kit. It significantly enhanced the students’ learning capabilities, helped children absorb their lessons, and improved the teaching strategies.

Future is digital

Technology has the power to level the playing field. It can bring education, healthcare and jobs to anyone, anywhere around the world. It will revolutionize businesses and industry and it can help manage our use of the world’s resources to enable a sustainable and green future.

In the Asia-Pacific Region, the digital economy ignites social recovery and enables resilient future. It provides synergies for public-private industrial collaborations across country boundaries and scenarios. As we arrive on the precipice of a digital future, we must strive to focus on the harmony that exists between our real world, and the digital one ahead.

Continue Reading

TECHNOLOGY

Infinix announces NOTE 12-PUBG partnership for smoothest gaming experience

June 16, 2022 8:23 p.m.

Infinix has announced a partnership with massively popular Player Unknown’s Battlegrounds (PUBG) and its newly-released NOTE 12 promising gamers hours upon hours of the smoothest gameplay experience that will test their skills and unleash their fullest gaming potential.

“Filipinos are some of the most passionate and skilled gamers out there and we, at Infinix, want to highlight that talent and the ever-growing E-sports community with this NOTE 12 partnership with PUBG,” said Infinix’s Marketing Head, Joseph Cernitchez. “From the limited edition PUBG packaging at launch, show matches with your favorite gaming influencers, to a nationwide PUBG tournament, we have so much in store for everyone that will show gamers  why the NOTE 12 is the ultimate gaming phone.”

PUBG is an online multiplayer battle royale shooting game released in 2017 by PUBG studios. Inspired by the film Battle Royale (2000), the game follows how up to 100 players get parachuted onto one of several maps and how they manage to scavenge for weapons and equipment to eliminate the other players and win the round by being the last man–or team–standing.

As part of the Infinix x PUBG partnership, Infinix launched a limited edition PUBG box and case exclusively for the NOTE 12 G96.

Infinix and PUBG will also be holding a nationwide PUBG tournament that seeks to gather the best players and teams across the Philippines in a series of battle royale showdowns.

They will also bring together some of the renowned mobile gamers in an All-Star game during the tournament.

In the meantime, while you’re gathering your team for the Infinix x PUBG Mobile Cup, view the NOTE 12 in action at Infinix’ official website.

The smoothest gameplay experience 

Experience the best mobile gaming experience with the MediaTek Helio G96 Ultra Gaming Processor providing more speed and power to the NOTE 12.

The chipset is a 64-bit octa-core that incorporates two powerful Arm Cortex-A76 and six Arm Cortex-A55 processor cores clocked up to 2.05GHz and Arm Mali G57 GPU that work together to harness next-level intelligence for groundbreaking performance.

Casual and heavy gamers alike will find that no game is too heavy for the NOTE 12. Infinix expands the NOTE 12’s 8GB memory to 13GB by integrating RAM and ROM to provide users with up to 5GB extended RAM.

This improves the smartphone’s processing speed and accelerates performance when users are using their smartphone to multi-task by delivering extra power when it’s needed.

The NOTE 12 is also one of the thinnest smartphones at 7.8mm that comes equipped with a 33W Fast Charge feature, and a huge 5000mAh making this lightweight smartphone more portable than ever while staying powered all day long. So gamers need not worry if they have enough juice while training and even competing.

Beyond gaming, photography enthusiasts will also love the 50MP Ultra Night Triple Camera, which can take clearer night pictures, and its large AMOLED screen with blue light technology.

The Note 12’s screen features the brightest colors on an eye-friendly display that gives the best performance in contrast ratio and color calibration in 1080×2400 pixels resolution.

Want to test your shooting skills and mettle against some of the best PUBG players in the Philippines? Watch for the Infinix x PUBG Cup–see how the Infinix NOTE 12 gives you that smoothest gameplay experience for you to reign supreme and your team may just get the chance to win the massive prize pool!

Learn more about the Infinix Cup and register your team by visiting Infinix Facebook Page. 

The NOTE 12 is available in Force Black, Sapphire Blue, and Snowfall in 128GB and 256GB for P8,990 and P9,990, respectively at Infinix stores nationwide, via Shopee. For more information, visit http://www.infinixmobility.com/.

Continue Reading