Written by Amandeep Yashpal, Product Specialist – Cyber Security & Networks – UAE
Cyber security is a vital part of the process and infrastructure industry operations
Nowadays, Cyber security is a vital part of the process and infrastructure industry operations. Industrial cyber security refers to the protection of internal components and systems from internal and external malicious attacks to maintain the Availability, Integrity, and Confidentiality. It protects the industries against loss or damage.
Most of the network devices used in the industrial network are designed to meet functional requirement, safety, reliability and real time response. They were physically isolated from the outside networks. Most of the time only proprietary protocol and solutions are used for the industry network. At a later stage, TCP/IP protocol is introduced to industry networks which connect the industrial network to an external network. The introduction of TCP/IP to industrial networks, create new possibilities for better connectivity and also provide rich opportunities to adversaries to exploit the vulnerabilities.
The root cause of this intense new risk relates to the complexity of ICS legacy system that was never originally designed to stop cyber-attacks. Legacy water pump installed over the plant 15 years back, were obviously not designed to address modern cyber security attacks. Complex legacy technology and high attack consequences lead to a high cyber security risk for most industrial networks. It could be any reason for such incidents to happen. Likewise
- Lack of redundancy in the network.
- No segmentation of network.
- No security perimeter is defined.
- Firewall is not incorporated in the network architecture.
- No deep inspection of packets moving from field device to field device or control server.
- Insecure remote connections.
- Lack of compatibility of security architectural components with legacy protocols and system.
- No mechanism to identify the changes in configuration of field device and files.
The biggest challenge in the ICS and SCADA security protection is that the infrastructure used in ICS & SCADA is having significant legacy technology. This includes older protocol and proprietary control components.
How to protect SCADA & ICS system
To protect the SCADA and ICS, we need to introduce the security architectural components to industrial system networks. This includes firewalls, VPN, and router and so on. Secondly, we need the security products that can understand the industrial functions and behave accordingly. Few companies are doing their best to make fit their product for industrial network likewise Phoenix contact.
Phoenix contact offers a range of products for industrial networks and cyber security that are exclusively designed to work in environmental rigidness.
mGuard product range is a comprehensive solution for industrial security that will strengthen the industrial cyber security posture without introducing any complexity in the network.
With its mGuard product line of network security appliances, PHOENIX CONTACT is offering router, firewall, VPN, QoS, and intrusion detection, OPC/Modbus inspection, integrity monitoring, and more supporting functionalities, complemented with highly scalable device management software. Devices, which are both easy to install and service, can be integrated either in production systems or connected upstream to existing systems in continuous operation.
To know in details how mGuard product range will secure the industrial network security and helpful in compliance with industrial cyber security framework, route your queries to ayashpal@phoenixcontact.com
For more details please visit the following link Phoenix contact mGuard product range
Does your devices provides CIA support for weakly designed protocols like IEC104 and IEC 61850 (Substation supported protocol). Also, would like to understand how your products can value add in an already built architecture.
Hi Seemant,
Thank you for your enquiry.
I will get someone in the team to respond to your technical enquiry shortly.
Regards,
Dania Liswi