|
SAVANNAH, Ga. -- The security associated with industrial control systems (ICS) is facing heavy criticism this week at the ICS Joint Working Group 2012 Spring Conference, sponsoredby the U.S. Department of Homeland Security (DHS). DHS is concernedcyberattacks could disrupt America's energy, water andmanufacturing facilities. But DHS is also taking concrete steps to improve ICS through ajoint effort that includes Motorola Solutions, DHS and Israel'sNational Information Security Authority -- the Israeli governmentagency tasked with protecting its critical infrastructure.Together, under what's called the "Secure Controller JointProject," it has led to Motorola coming up with thesecurity-hardened ACE-3600, which was unveiled today at theconference. MORE: Security of industrial control systems questioned at DHS conference BACKGROUND: DHS: Gas pipeline industry under significant ongoing cyberattack "We live in a tough neighborhood in the Middle East with ourneighbors," said Erez Kreiner, director of Israel's NationalInformation Security Authority (NISA), speaking today about thedevelopment of Motorola's ACE-3600. He noted there had been morethan a few attempts by attackers to take control of ICS systems inIsrael in order to try to wreak harm. ICS systems are typically not known for good security, and in fact,Kreiner said he's even aware of industrial controllers that shippedwith viruses inside of them, sardonically calling it "virus-addedtechnology from the vendor." But DHS, Motorola Solutions and the Israeli government are hopingMotorola's ACE-3600 raises the bar for security in ICS. Israel'sNISA has just completed the testing and certification of it for usein Israel, and in the U.S., Idaho National Lab is reviewing it aswell. Motorola Solutions product manager Kobi Levin said Motorolaexpects to begin selling it in June. The ACE-3600 is a souped-up ICS that does a lot of what ICSs do notdo today in terms of security, including working with anauthentication server for secure user-access control and role-based permissions. It canencrypt data at rest and in transit, log security events, hassecure programming to avoid back doors, has an integrated IPfirewall, and uses McAfee whitelisting technology to make sure nounauthorized applications are added to the console. The RTU controller itself doesn't have away to use whitelisting yet, but McAfee is working on that, saysLevin. McAfee, the security company that's now part of Intel, today alsopresented a security approach for ICS-based networks used in plantsand manufacturing, which increasingly have some way to access thecorporate business networks that have Internet access, whichheightens risk. Eric Knapp, director of critical infrastructure markets at McAfee,noted that it's not feasible to run antivirus software for acontroller because of the CPU consumption. But other controls, suchas whitelisting, which restricts unauthorized applications, can beused on consoles, for example. McAfee is working on some securityproducts especially designed for use in the ICS environment. Despite the differences, there are also a lot of similaritiesbetween the engineer's ICS and SCADA networks and the company'stypical IT business network, Knapp points out. Like the IT businessnetwork, ICS networks can use products such as firewalls,intrusion-prevention systems security information and eventmanagement (SIEM) as well. "But you shouldn't rely on IT's -- you need your own," said Knappabout how engineers operating ICS networks need to tailor networksecurity design to meet the unique needs they have. Often, thereare older systems used in round-the-clock operation that simplycan't face disruptions since critical industrial processes are atstake. In a separate session today, security analyst Jonathan Pollet withfirm Red Tiger Security, which focuses on industrial controlsystems, delivered a withering assessment of the current state ofsecurity in ICS. ICS security lags five to 10 years behind what's commonplace inbusiness IT systems today, Pollet said. That's even though theseindustrial control system networks look more and more like businessIT because they're running Cisco equipment, Windows and Active Directory and file and print services, said Pollet. Pollet said he and his associates will walk into any variety ofplants and manufacturers as consultants to do security assessments,and what they see can be astonishing in terms of securityweaknesses. He says the latest security blunder involves plugging smartphones into operator consoles, which can bridge the control systems tothe Internet. "We ask them why they're doing this, and they say,'We're trying to get some more juice.'" Pollet noted that stealthy attacks to compromise networks are onthe rise, such as those against the gas pipeline industry announcedby DHS this week, which he said isn't a rare phenomenon. Socialnetworks are also a place where social-engineering ploys can beused to gain information that shouldn't really be publicly shared. He said his firm in the past has even found shocking evidence ofrootkits in control systems. And he noted that if anyone doubtscyberwar is a possibility, "we were contacted by two governmentsoverseas -- not China -- to help them create a cyberwar campaign.They wanted SCADA capabilities. "We're still struggling as an industry to develop secure products,"he concluded. Ellen Messmer is senior editor at Network World, an IDG publicationand website, where she covers news and technology trends related toinformation security. Read more about wide area network in Network World's Wide Area Network section. I am an expert from opleder.com, while we provides the quality product, such as 5630 LED Module , SMD LED Tube Light, 5050 SMD LED Module,and more.
Related Articles -
5630 LED Module, SMD LED Tube Light,
|
