With highly distributed environments and operations, the critical infrastructure sector is a prime target for cyberattacks and hackers from all horizons. Whether in gas, electricity, water or national health services, organizations have to adapt to increasingly complex threats. Industrial and SCADA networks are weak, vulnerable points of entry and need renewed attention.
A cybersecurity case study
As an example of how easily an incident may occur, consider this case from Germany in 2013.
During the testing of a new gas network control system in southern Germany, a status request was issued by a machine. Due to human error the message was wrongly distributed in the Austrian control network, which led to all the power devices sending status messages back into the network. The network was instantaneously overloaded and ground to a halt. Thanks to thousands of field engineers and man hours, a network power overload was narrowly avoided and major damage to critical infrastructure was averted. A call too close…
“We need to be aware that today, when we talk about cybersecurity we are not just talking about outside threats but also incidents from within that can and usually do start with very simple human error(s),” says Alex Christophe, Sales Manager Europe at gateprotect GmbH.
Some of the key factors behind cybersecurity incidents and the challenges of IT and OT protection are discussed by Mr Christophe in the Engerati briefing, Cybersecurity & Risk Management for Critical Infrastructures.
A targeted approach to cybersecurity
The cybersecurity challenge is embodied in the perception that network separation is “good enough”, with the process network incorporating the industrial capability such as field devices shielded from the office network with its core IT capabilities and vice-versa, explains Mr Christophe.
Big data, business intelligence, smart grid and on-demand utilities are catchy words that actually mean that this network isolation is a thing of the past. gateprotect has worked with industry leaders to ensure its solutions can protect both environments with a focus also on industrial protocols.
“For example, we can allow some of the processes with whitelisting and deny others with blacklisting, all through a granular decoder from ipoque that is both very fast and very clever."
The solution also allows a first line of defence in the office network with a second line of defence with specialized controls and commands for the process network activities. As a result both networks can be effectively protected with a common tool, easy to use graphical interfaces and a modest budget.
Support for energy specific protocols
gateprotect, a Rohde & Schwarz company, was the first manufacturer to fully support energy specific protocols in its cybersecurity solutions.
Mr Christophe says the ipoque DPI engine built into the gateprotect range is able to decode and validate industrial protocols, similar to the principle of an airport baggage scanner. This is a sure way to deal easily with rules, restrictions, authorizations, etc. with the eGUI, and thereby removing the human error factor.
gateprotect solutions will be briefly reviewed in the briefing.
“We stand for advanced no-nonsense technologies that are flexible, individualized and subject to some of the toughest IT security legislation in the world today,” states Mr Christophe.
For more information on how to protect your critical infrastructure from cybersecurity threats, register for the briefing.