Cyber security tool protects infrastructure from hackers

Waikato company designs cybersecurity for vital infrastructure protection amid rising overseas ransom payments.

16 Jul 2021

First Watch, a spinoff from WaikatoLink, the University of Waikato’s commercialisation arm, is designed to protect the control systems of infrastructure including wastewater and electricity networks to fuel and gas lines or manufacturing facilities from cyberattacks.

Director of Research and Enterprise, Dr Simon Lovatt

The company has joined with CTEK Combined Technologies, New Zealand’s largest installer of industrial control systems, and after an initial capital raising through WaikatoLink and commercialisation partner KiwiNet, the system is being rolled out.

WaikatoLink Commercialisation Manager Matt McMahon said First Watch had been piloted with three large New Zealand companies and is now in use by two large manufacturing businesses. They are also in talks with industrial control installers in Australia, the United States, Europe and Asia.

“As we’ve seen with recent cyberattacks, the need for better cyber security systems is very real and there are currently few options for protection of the infrastructure vital to our modern society,” said Mr McMahon.

As infrastructure and manufacturing control systems had increasingly moved online and businesses sought to link operations like accounting and manufacturing, they had also opened themselves up to cyber attackers.

This month global meat producer JBS paid $11 million to hackers after a ransomware attack forced them to shut down their beef plants.

In May, hackers targeted Colonial Pipeline which saw them shut down their operational supply and led to panic buying and gas shortages across America’s East Coast, before Colonial paid $4.4 million in bitcoin to hackers.

Crown agency CERT NZ reported that between January and March this year there were 1400 reported cyber security incidents in New Zealand costing around $3 million.

University of Waikato, Director of Research and Enterprise, Dr Simon Lovatt, said traditionally the computing technology that controls the plants of manufacturing facilities has been separate to IT systems so, if hackers wanted to break in, they needed to be physically in the plant.

“As we’ve connected things like accounting systems with manufacturing, industrial control systems have moved online and anything that’s connected to the internet can be hacked.”

Previously people had worried about the actions of nation states in cyber attacks, but today cyberattacks have become a large industry for organised crime with serious implications as seen in the Waikato DHB ransomware attack.

The attack on the Waikato DHB was centred on its IT system, but Dr Lovatt said if cyber attackers infiltrated industrial control systems, they could interfere with anything, from a city’s wastewater treatment to fuel supply and electricity lines or manufacturing facilities.

While most cyber security tools manage the periphery, like a firewall on your personal computer, First Watch was designed to work at the core of an industrial control system creating a zero-trust environment, scanning for any data that should not be on the system and refusing to respond to it.

“It stops the system doing anything different than its day-to-day operations unless any new directions are fully and properly authenticated,” said Dr Lovatt.

The system was also designed to take a complete inventory of all assets on a network and identify any that have not been updated or pose a risk.

“That’s important because staff might connect to the system from a laptop at home and unknowingly introduce a virus. Having a full inventory of all software and hardware on a system is a really valuable tool,” said Dr Lovatt.



Related news