Close
Close
Linkedin
Close
Close

Who really has access to your critical operational technology (OT) data?

In sectors such as electricity, gas and water, third-party maintenance and collaboration partners are indispensable. At the same time, they are the weakest link in the defense of your operational technology (OT) environments.
Msafe-Prevent email-related data breaches

In sectors such as electricity, gas and water, third-party maintenance and collaboration partners are indispensable. At the same time, they are often the weakest link in the defense of operational technology (OT) environments. Here are three real-world examples of what can go wrong, followed by a practical five-step plan to make file sharing in OT truly secure.

1. Oldsmar, Florida: Water treatment nearly compromised

On February 5, 2021. a hacker accessed the SCADA workstation of the Bruce T. Haddock Water Treatment Plant. The attacker briefly increased the sodium hydroxide concentration from 100 ppm to 11,100 ppm, a level that could cause serious tissue damage. Only an operator’s alertness prevented physical damage. This incident shows how desktop sharing software can quickly become an operational security risk.

2. Ukraine: The first confirmed cyber attack on a power grid

On Dec. 23, 2015, attackers caused a coordinated power outage that left 225,000 Ukrainians without electricity. By stealing login credentials, corrupting firmware and inserting malware such as KillDisk into substations, they disabled critical systems. This was the first confirmed cyber attack on a power grid and shows how compromised file or firmware distribution can disrupt national infrastructure.

3. MOVEit leak hits U.S. Department of Energy

In June 2023, the the Cl0p group misused an SQL injection in the widely used MOVEit file transfer software. Multiple U.S. government agencies, including parts of the Department of Energy, saw sensitive data leaked. This case highlights how even large-scale and reputable file-sharing products can cause a chain reaction of data breaches due to a single vulnerability.

Five steps for secure file sharing in OT environments

  1. Separate partner spaces by project
    Give each partner a separate environment with customized access rights. Share only the strictly necessary files.
  2. Mandatory two-factor authentication
    Enforce 2FA (via SMS or authenticator app) on every upload and download to prevent misuse of stolen credentials.
  3. Automatic link expiration and retention periods
    Apply default expiration (for example, seven days) to each partial link and automatically remove expired links.
  4. End-to-end encryption
    Encrypt files with AES-256 from sender to receiver, with keys available only to authorized users.
  5. Comprehensive audit logs and reporting
    Capture every interaction – who, what, when and from what IP address. Monthly reports accelerate incident response and support compliance with NIS2 and ISO 27001.

Keeping operational technology truly secure

Sharing process and configuration files with external parties can inadvertently expose critical infrastructure. By implementing separate partner environments, mandatory 2FA, automatic expiration dates, true end-to-end encryption and strict logging, you minimize the risk of unwanted exposure. This keeps the data behind electricity, gas and water supplies reliable and secure – even in a time of growing cyber threats.

Share:

More Posts

KPMG research- why compliance in 2026 calls for Secure File Sharing
Blog

KPMG study: why compliance in 2026 calls for Secure File Sharing

Why is a Secure File Sharing solution indispensable in a good compliance policy? KPMG says in essence, organizations are facing more compliance pressures, increased privacy and cybersecurity requirements, and a growing need for monitoring, reporting and control. Our Msafe Secure File Transfer solution is perfect for an environment where sensitive files are exchanged encrypted, access-controlled and fully traceable.

Read More »
26/03/2026
Automate secure file sharing with the Msafe API
Blog

Automate secure file sharing with the Msafe API

More and more organizations want to automate file sharing. No longer manually uploading, sending and storing, but rather integrating secure file sharing directly into existing processes and systems. Msafe’s API makes this possible. Through an API, applications can automatically upload, share and link files to internal systems such as CRM or document management systems.

Read More »
12/03/2026
Can the US simply access Msafe data
Blog

Can the US just access Msafe data?

Your data resides with Msafe on Microsoft Azure in the Netherlands, with Microsoft Ireland as the contracting party. Yet we often hear the question: can U.S. legislation, such as the U.S. CLOUD Act, affect the sovereignty of customer data? In this article we clearly explain what the U.S. can and cannot enforce, why data location is not the same as jurisdiction, and how often this occurs in practice. We also show what measures Msafe deploys to minimize risk: EU hosting, client-side/end-to-end encryption, strict access with MFA and policies, and full audit trails. So that you can share securely and remain demonstrably compliant.

Read More »
26/02/2026
why email is obsolete technology
Blog

Why email is obsolete technology

Email is still the default channel in virtually every organization, but it was technically and organizationally designed for an Internet where “trust” was the default. In 2026, the reality is different: email is at once productivity inhibitor, risk accelerator and compliance headache.

Read More »
12/02/2026
Alternative to Zivver?
Blog

Alternative to Zivver?

Msafe Secure File Transfer is especially a logical alternative to Zivver
when you want to standardize file exchange with externals with strong governance and EU hosting as an explicit starting point.

Read More »
05/02/2026