Expert Review

Menu
Industrial networks are a new target

Industrial networks are a new target

The Internet of Things (IoT) can benefit many businesses through unprecedented access to inexpensive, connected devices which collect or send data that can be used to help make decisions about everything from where cows are grazing to the control of complex building management systems for climate, lighting and security controls.

The Internet of Things (IoT) can benefit many businesses through unprecedented access to inexpensive, connected devices which collect or send data that can be used to help make decisions about everything from where cows are grazing to the control of complex building management systems for climate, lighting and security controls. In industrial systems, sensors can tell you when a device is running optimally and when something isn't quite right, so a user can proactively manage a situation before it becomes a serious incident. 

But it also introduces a number of new risks.

Some connected devices are made to a cost-level that means security wasn't necessarily front-of-mind for the designers or manufacturers and it is often impossible to update the internal software or firmware should a vulnerability be detected. In an industrial setting, this could be catastrophic. For example, the Stuxnet malware that targeted centrifuges used in Iranian nuclear plants exploited vulnerabilities in connected centrifuges to cause physical damage. 

Connecting all these devices to legacy analogue networks is challenging. In some cases, the networks were designed to connect tightly controlled environments with hardware from a limited number of well-known vendors where systems updates were only rarely carried out. For example, hospitals deploy complex, connected devices, some of which can't be upgraded as changing an element of the software results in loss of certification for medical use. To complicate matters, many of those devices now need to be accessible remotely so data can be received by medical professionals located all over the hospital network. This means the air gaps that once isolated those systems are now being traversed.

There's a lot of focus on the impact of IoT devices on office networks. But the presence of sensors in operational networks like industrial control systems, energy management systems and SCADA networks is growing.  Those operational environments were traditionally governed on their own analog networks that were air-gapped from other office networks. But those air-gaps are no longer the norm as systems managers want to be reap the benefits of remote alerting and management tools and to access new networking technologies such as Sigfox, 5G and the LoRa network that is being deployed by Spark in New Zealand. 

This creates a new set of challenges. More devices are being connected, legacy networks are being more widely accessed and threat actors see new opportunities to cause trouble. 

Securing such environments isn’t easy. Sometimes industrial systems can't be shut down or restarted for regular patching because the risk of something going wrong often outweighs the perceived benefits. It's not uncommon to find industrial systems that have been running for months, or even years, without interruption. In these cases, security has to be approached from a different perspective. Rather than specifically looking at the end point devices the network becomes the key tool for detecting and blocking malicious activity. 

The good thing about industrial systems is their behaviour is well understood and controlled. When systems interact, the data passing between them is recognisable so potentially malicious or erroneous activity can be detected. For example, FortiNAC, Fortinet's Network Access Control device, profiles the activity of devices on networks and detects unusual behaviour, even triggering automated repossess to protect crucial assets. This is vital part of good system management.

As the lines between network industrial systems and other networks become ever more blurred and additional devices are connected with access to operational environments, the need to closely monitor and react to anomalous network activity is heightened. Without the right tools in place, industrial systems are at risk. And that risk should be either limited or completely removed as soon as possible.

For more information on FortiNAC click here.

To contact an Ingram Micro team member for further details and proof of concept click here.

Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags network access controlnetwork access control (NAC)industrial control systemsIoTInternet of Things (IoT)IoT devicesSCADA networksenergy management systemsoffice networksoperational networksoperational environments

Featured

Slideshows

The making of an MSSP: a blueprint for growth in NZ

The making of an MSSP: a blueprint for growth in NZ

Partners are actively building out security practices and services to match, yet remain challenged by a lack of guidance in the market. This exclusive Reseller News Roundtable - in association with Sophos - assessed the making of an MSSP, outlining the blueprint for growth and how partners can differentiate in New Zealand.

The making of an MSSP: a blueprint for growth in NZ
Reseller News Platinum Club celebrates leading partners in 2018

Reseller News Platinum Club celebrates leading partners in 2018

The leading players of the New Zealand channel came together to celebrate a year of achievement at the inaugural Reseller News Platinum Club lunch in Auckland. Following the Reseller News Innovation Awards, Platinum Club provides a platform to showcase the top performing partners and start-ups of the past 12 months, with more than ​​50 organisations in the spotlight.​​​

Reseller News Platinum Club celebrates leading partners in 2018
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP has honoured its leading partners in New Zealand during 2018, following 12 months of growth through the local channel. Unveiled during the fourth running of the ceremony in Auckland, the awards recognise and celebrate excellence, growth, consistency and engagement of standout Kiwi partners.

Meet the top performing HP partners in NZ
Show Comments