Securing Industrial Control Systems in the Age of IoT
Jeff Lund
October 2016
2016 Belden Inc. belden.com @BeldenInc info.beldon.com/iiot

Control System Security Is Gaining Public Recognition

Reported Vulnerabilities & Incidents Are Increasing
Source: FireEye iSIGHT Intelligence, 2016 ICS Vulnerability Trend Report

But ICS Cybersecurity Is Much More than Hackers
- <10% of issues are related to hackers
- Most attacks are device or human errors
- ICS cybersecurity is about:
  - Improving system reliability
  - Reducing downtime
  - Increasing productivity
  - Decreasing operating costs
  - Ensuring safety
  - And protecting from hackers

Industrial Systems Bring Unique Security Challenges
- Most of the devices are preexisting, don't speak IP, use inherently insecure protocols and live in the field for decades
- Configuration, testing and maintenance must be done without shutting down the network
- Patching is usually not practical
- Active scans can damage systems
- Systems must keep running even if under attack or impaired

Real World Example: The Problem
- Regional wastewater treatment plant
  - Mid-sized city in the Eastern U.S.
  - 24 buildings / 500 pieces of equipment
  - 15 treatment processes
  - 13 million gallons of wastewater daily
  - Runs 24 hours a day, every day
- Little protection or separation of the SCADA network from the city's IT network
- Even the city's high school students could gain access if they tried

The Requirements
- Protect critical plant infrastructure from malware, traffic storms, errors and attacks
- Without giving up interdepartmental data sharing or remote support and maintenance capabilities
- While increasing system reliability by following ISA/IEC 62443 cybersecurity standards
  - Partition into zones; secure through conduits
  - Security embedded throughout the system, not just at the perimeter

The Approach
- Engaged ICS security consultant to analyze system and partition into zones per ISA/IEC 62443 cybersecurity standard
- Each zone protected by a specialized industrial security appliance
- Field-level firewall
  - Transparent to the network (no IP address)
  - Easy to install, hard to attack
  - No changes required to network or subnet addressing
- Deep Packet Inspection for industrial protocol communications
  - Protects against all malformed packet attacks, even ones that have yet to be discovered
  - Enforces use-case driven security policy
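
The deep packet inspection and use-case-driven policy named on this slide, sketched as an added example that is not from the presentation or from any Belden product: it checks one request frame against a conduit policy, assuming Modbus/TCP as the industrial protocol and using hypothetical zone names and a hypothetical policy table.

```python
import struct

# Hypothetical conduit policy: (source zone, destination zone) -> allowed
# Modbus function codes. Zone names and rules are illustrative assumptions.
READ_ONLY = {0x03, 0x04}  # read holding registers / read input registers
POLICY = {
    ("business", "process"): READ_ONLY,
    ("engineering", "process"): READ_ONLY | {0x06, 0x10},  # plus register writes
}

MBAP_LEN = 7  # transaction id (2) + protocol id (2) + length (2) + unit id (1)


def inspect(src_zone, dst_zone, frame):
    """Return (verdict, reason) for one Modbus/TCP request frame."""
    allowed = POLICY.get((src_zone, dst_zone))
    if allowed is None:
        return "drop", "no conduit between zones"
    if len(frame) < MBAP_LEN + 1 or len(frame) > 260:
        return "drop", "frame size out of range"
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    if proto != 0:
        return "drop", "protocol id is not Modbus"
    if length != len(frame) - 6:  # length counts unit id + PDU
        return "drop", "length field does not match frame"
    pdu = frame[MBAP_LEN:]
    fc = pdu[0]
    if fc not in allowed:
        return "drop", f"function code 0x{fc:02x} not permitted on this conduit"
    if fc in READ_ONLY:
        if len(pdu) != 5:  # function code + start address + quantity
            return "drop", "malformed read request"
        _addr, qty = struct.unpack(">HH", pdu[1:])
        if not 1 <= qty <= 125:
            return "drop", "register count out of range"
    return "allow", "ok"


def build(fc, body, length=None):
    """Construct a sample request frame (constructed test input)."""
    pdu = bytes([fc]) + body
    n = len(pdu) + 1 if length is None else length  # override to corrupt it
    return struct.pack(">HHHB", 1, 0, n, 1) + pdu
```

Structural checks run before the policy lookup on the function code, so a frame with an inconsistent length field is dropped regardless of which zone sent it.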

The Solution: Final Application

The Results
- Tofino Security Appliances were easily wired into the network
  - No disruption to the active network during configuration
- New system uses custom rules to manage network traffic
  - Tofino Security Appliances block unneeded/unwanted traffic
  - Protects and strengthens system
  - Allows access to all needed business and maintenance information
- Network is on the forefront of industrial cybersecurity

Key Points to Take With You
- Most IIoT systems are brownfield, with existing devices using insecure protocols
- Safety and reliability are job #1 in industrial IoT systems
- Cybersecurity has a major role to play in ensuring these goals
- Security is not just perimeter protection or air gaps; security needs to be woven throughout the network fabric