June 2021, Industrial Ethernet Book

Page 48

Network Security

The first line of defence for industrial networks

SOURCE: PROCENTEC

Technology solutions are providing companies ways to eliminate network vulnerabilities and strengthen security, bridging the gap between OT and IT and sparking widespread interest in industry. Although the focus is often on external attacks, internal threats can be just as damaging to industrial networks.

Whether they stem from a mistake due to inexperience with a task or protocol, or from an intention to inflict damage, these threats can lead to costly downtime.

The importance of IT security has been acknowledged by experts for years, whereas securing Industrial Control Systems seems to have been overlooked. Whilst attacks on Operational Technology (OT) environments are becoming more frequent, companies are looking for ways to eliminate network vulnerabilities and bridge the gap between OT and IT. The release of four major technology solutions to strengthen industrial network security has sparked widespread interest in industry.

External and internal threats

Although the focus is often on external attacks, such as malware, phishing and hackers, internal threats can be just as damaging and more likely to occur. Whether they stem from a mistake due to inexperience with a task or protocol, or from an intention to inflict damage, these threats can lead to costly downtime. Keeping track of modifications to physical assets is more important than ever. But if an industrial network’s security doesn’t extend much beyond a firewall, devices are vulnerable. A firewall won’t protect the network from people who know how to go around it. Even if a network is air gapped, users can’t safeguard it against authorised individuals who make an error.

The Security License tackles the everyday threat posed by unintentional and bad actors. It permanently monitors any planned or unplanned changes to your devices, giving an industrial network an extra layer of protection. Some of its key features include ‘Quiet Hours’ and ‘Maintenance Mode’. Quiet Hours will notify users if there is any communication on the network when there shouldn’t be any (e.g. events, night-time, weekends, holidays etc.). Maintenance Mode allows companies to make changes on their network without getting a security alert. In addition to this, there are multiple inspections included to tackle the most often overlooked security vulnerabilities. The Port Scan, SNMP Write Access Scan, Device Password Scan and Communication Baseline Scan make sure all the entries to the network are secured.

Accidental or intentional changes

Sudden changes to an Ethernet-based network—like a lost device or the installation of different firmware—can spell disaster if they’re unplanned, unauthorized or undiscovered. They could be the result of a malfunction or a sign of an intentional attack. Network Compare is a built-in feature of Osiris, Procentec’s monitoring and diagnostics tool. It notifies users of sudden changes to the Ethernet-based network. It works by creating a snapshot of the network’s status at any given time. Network Compare sends out a variety of alerts from the notification centre whenever a change occurs, giving users time to act in an appropriate and timely manner. This feature integrates easily with SCADA and other systems via OPC-UA and MQTT.
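The snapshot-and-compare idea described above can be sketched as follows. This is an added example, not Procentec's or Osiris's code. The `Device` record, the change names and the approved-change set (a stand-in for a maintenance window) are assumptions, and all sample data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    mac: str        # used as the stable identity of a device
    ip: str
    firmware: str

def index(snapshot):
    """Key a snapshot (list of Device) by normalised MAC address."""
    return {d.mac.lower(): d for d in snapshot}

def compare(baseline, current):
    """Return a sorted list of (kind, mac, detail) differences between two snapshots."""
    old, new = index(baseline), index(current)
    changes = []
    for mac in old.keys() - new.keys():       # in baseline, gone now
        changes.append(("device_missing", mac, old[mac].ip))
    for mac in new.keys() - old.keys():       # never seen in baseline
        changes.append(("device_added", mac, new[mac].ip))
    for mac in old.keys() & new.keys():       # same device, changed attributes
        a, b = old[mac], new[mac]
        if a.firmware != b.firmware:
            changes.append(("firmware_changed", mac, f"{a.firmware} -> {b.firmware}"))
        if a.ip != b.ip:
            changes.append(("ip_changed", mac, f"{a.ip} -> {b.ip}"))
    return sorted(changes)

def unplanned(changes, approved):
    """Drop changes covered by an approved (kind, mac) maintenance record."""
    return [c for c in changes if (c[0], c[1]) not in approved]

# Constructed sample snapshots (hypothetical devices)
BASELINE = [
    Device("00:11:22:33:44:01", "192.168.1.10", "2.1.0"),
    Device("00:11:22:33:44:02", "192.168.1.11", "1.4.2"),
    Device("00:11:22:33:44:03", "192.168.1.12", "3.0.1"),
]
CURRENT = [
    Device("00:11:22:33:44:01", "192.168.1.10", "2.2.0"),   # firmware updated
    Device("00:11:22:33:44:03", "192.168.1.12", "3.0.1"),   # unchanged
    Device("00:11:22:33:44:04", "192.168.1.13", "1.0.0"),   # new device
]
APPROVED = {("firmware_changed", "00:11:22:33:44:01")}      # planned update

if __name__ == "__main__":
    for kind, mac, detail in unplanned(compare(BASELINE, CURRENT), APPROVED):
        print(f"ALERT {kind} {mac} {detail}")
```

Keying on MAC address means a device that is swapped for identical hardware shows up as one missing and one added entry, which is the behaviour a change monitor wants.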

Data integrity using blockchain

Updating software in a decentralized OT environment can be a haphazard affair. But not knowing what has been installed can pose serious risks to your network. According to Honeywell’s latest USB Threat
