Expert Review

Menu
Industrial networks are a new target

Industrial networks are a new target

The Internet of Things (IoT) can benefit many businesses through unprecedented access to inexpensive, connected devices which collect or send data that can be used to help make decisions about everything from where cows are grazing to the control of complex building management systems for climate, lighting and security controls.

Credit: ID 95136903 © Leowolfert | Dreamstime.com

The Internet of Things (IoT) can benefit many businesses through unprecedented access to inexpensive, connected devices which collect or send data that can be used to help make decisions about everything from where cows are grazing to the control of complex building management systems for climate, lighting and security controls. In industrial systems, sensors can tell you when a device is running optimally and when something isn't quite right, so a user can proactively manage a situation before it becomes a serious incident. 

But it also introduces a number of new risks.

Some connected devices are made to a cost-level that means security wasn't necessarily front-of-mind for the designers or manufacturers and it is often impossible to update the internal software or firmware should a vulnerability be detected. In an industrial setting, this could be catastrophic. For example, the Stuxnet malware that targeted centrifuges used in Iranian nuclear plants exploited vulnerabilities in connected centrifuges to cause physical damage. 

Connecting all these devices to legacy analogue networks is challenging. In some cases, the networks were designed to connect tightly controlled environments with hardware from a limited number of well-known vendors where systems updates were only rarely carried out. For example, hospitals deploy complex, connected devices, some of which can't be upgraded as changing an element of the software results in loss of certification for medical use. To complicate matters, many of those devices now need to be accessible remotely so data can be received by medical professionals located all over the hospital network. This means the air gaps that once isolated those systems are now being traversed.

There's a lot of focus on the impact of IoT devices on office networks. But the presence of sensors in operational networks like industrial control systems, energy management systems and SCADA networks is growing.  Those operational environments were traditionally governed on their own analog networks that were air-gapped from other office networks. But those air-gaps are no longer the norm as systems managers want to be reap the benefits of remote alerting and management tools and to access new networking technologies such as Sigfox, 5G and the LoRa network that is being deployed by Spark in New Zealand. 

This creates a new set of challenges. More devices are being connected, legacy networks are being more widely accessed and threat actors see new opportunities to cause trouble. 

Securing such environments isn’t easy. Sometimes industrial systems can't be shut down or restarted for regular patching because the risk of something going wrong often outweighs the perceived benefits. It's not uncommon to find industrial systems that have been running for months, or even years, without interruption. In these cases, security has to be approached from a different perspective. Rather than specifically looking at the end point devices the network becomes the key tool for detecting and blocking malicious activity. 

The good thing about industrial systems is their behaviour is well understood and controlled. When systems interact, the data passing between them is recognisable so potentially malicious or erroneous activity can be detected. For example, FortiNAC, Fortinet's Network Access Control device, profiles the activity of devices on networks and detects unusual behaviour, even triggering automated repossess to protect crucial assets. This is vital part of good system management.

As the lines between network industrial systems and other networks become ever more blurred and additional devices are connected with access to operational environments, the need to closely monitor and react to anomalous network activity is heightened. Without the right tools in place, industrial systems are at risk. And that risk should be either limited or completely removed as soon as possible.

For more information on FortiNAC click here.

To contact an Ingram Micro team member for further details and proof of concept click here.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags network access controlnetwork access control (NAC)industrial control systemsIoTInternet of Things (IoT)IoT devicesSCADA networksenergy management systemsoffice networksoperational networksoperational environments

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments