The Need for Network Segregation in Critical Infrastructure Systems

April 2013

A recent article in the NY Times claims:

The vast majority of targeted computer attacks now start with a malicious e-mail sent to a company employee. Now evidence suggests that the same technique could be used to attack watersheds, power grids, oil refineries and nuclear plants.

This cannot be allowed to happen, here I explore the issue in a little more detail.

The NY Times is identified the risk as:

…all it takes is one click for an attacker to get inside a system. In one case, Critical Intelligence could see an instant messaging exchange between two employees that discussed critical systems. And while it would be difficult for attackers to inflict catastrophic damage from one employee’s machine, a patient attacker would simply wait for that employee to connect his or her laptop to an electrical substation, or move around the network to an employee who connected to critical systems regularly.

This is only true if the networks are connected. Air gaps are a candidate solution, but this also prevents legitimate business processes. As explored in air gap security failures, this need for the exchange of data is one reason why air gaps all too often fail.

Data Diode

In Air-Gaps, Firewalls and Data Diodes in Industrial Control Systems an alternative approach is explored that looks at putting one way network connections in place, based on Data Diode technology. This enables the business process, while reducing the risk. The briefing then looks further at how Data Guard technology can further minimise the risk, using content filtering to ensure only data related to the allowed business can pass the one way connection.

We cannot avoid the need to join systems, but we can manage the risks by understanding the business information exchange needs, and build solutions to enable those, but only those, data flows.

How are you achieving network segregation in your environment? Please leave your comments below.

See Also

 

Author Bio – Colin Robbins

Colin Robbins is Nexor’s Managing Security Consultant. He is a Fellow of the IISP, and a NCSC certified Security and Information Risk Adviser (Lead CCP) and Security Auditor (Senior CCP). He has specific technical experience in Secure Information Exchange & Identity Systems and is credited as the co-inventor of LDAP. He also has a strong interest in security governance, being a qualified ISO 27001 auditor.

 Archives

Be the first to know about developments in secure information exchange