Issue link: https://securitytechnologyexecutive.epubxp.com/i/107544
INDUSTRIAL SECURITY By Eric Byres & Brian Oulton Industrial Networks UNDER ATTACK Hackers and cyber security have become top-of-mind for executives tasked with protecting critical industrial systems S ince the discovery of the Stuxnet malware in 2010, industrial infrastructure has attracted some of the most sophisticated cyber attacks on record. Industrial networks and systems have become a key target for hackers. Even if your business is not focused in key critical infrastructure industries such as energy, water and transportation, many enterprises have a SCADA (supervisory control and data acquisition) or process control network somewhere within its organizational structure. These networks are undergoing the kind of attacks that previously had only been experienced by financial and government institutions. Those network attacks pose a huge vulnerability — one you may never know you had. The Industrial Network Challenge In the past, industrial networks ran on proprietary networks, used proprietary equipment and were isolated from business networks and the internet. This was the era of "security by obscurity" and "security by air gap." Over the last decade, however, industrial networks have been migrating from proprietary systems to commercial off-the-shelf (COTS) technology. Although the adoption of Ethernet was initially slow, it has been rapidly increasing now that issues such as determinism (the ability to have predictable delivery of network packets) and rapid failure recovery (resolved by new redundancy protocols that offer low fail-over times) have been addressed. 28 SECURITY TECHNOLOGY EXECUTIVE • January/February 2013 In addition, increased demand for real-time industrial information meant connecting plant floors to enterprise networks and the internet. Keeping a modern industrial system running requires a constant stream of updates from the outside world — the result is that the industrial floor has become a hotbed of communications activity, and it is no longer isolated. Furthermore, devices such as PLCs (programmable logic controllers) and DCS (distributed control systems) were designed with a focus on reliability and safety, rather than security — making many of them easy to exploit, particularly older units Since industrial networks are often required to run at all times and withstand hazardous environments, many security policies are never deployed — operational necessities and safety regulations overrule them. Even traditional IT security strategies such as patching are often impossible, due to conflicting industry-specific regulations. Add it up: vital networks with millions of hard-tosecure nodes, interconnected with enterprise networks and the internet; running 24 hours a day in heavily regulated environments with safety concerns; and the focus of the smartest security researchers and government warfare hacking programs in the world. It's a lot to contend with. A High Threat Level In the past, the main reason for securing industrial networks was to protect against inadvertent network incidents or attacks from insiders. Legacy industrial www.SecurityInfoWatch.com