Cisco Blogs


Cisco Blog > Internet of Everything

HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments

July 3, 2014 at 7:00 am PST

The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and specifically power plants based in Europe, seems to be the primary target. See Cisco’s security blog post for technical details on this latest variant.

When I discuss security with those managing SCADA, ICS and other OT environments, I almost always get the feedback that cybersecurity isn’t required, because their systems are physically separated from the open Internet. This practice, referred to in ICS circles as the “airgap”, is the way ICS networks have been protected since the beginning of time; and truth be told, it’s been tremendously effective for decades. The problem is, the reality of the airgap began to disappear several years ago, and today is really just a myth.

Today, networks of all types are more connected than ever before. Gone are the days where only information technology (IT) networks are connected, completely separated from OT networks.  OT networks are no longer islands unto themselves, cut off from the outside world. Technology trends such as the Internet of Things (IoT) have changed all of that. To gain business efficiencies and streamline operations, today’s manufacturing plants, field area networks, and other OT environments are connected to the outside world via wired and wireless communications – in multiple places throughout the system! As a result, these industrial environments are every bit as open to hackers and other cyber threats as their IT counterparts. The main difference, of course, is that most organizations have relatively weak cybersecurity controls in these environments because of the continued belief that an airgap segregates them from the outside world, thereby insulating them from cyber attacks. This naivety makes OT environments an easier target.

The authors of HAVEX certainly understand that OT environments are connected, since the method of transmission is via a downloadable Trojan installed on the websites of several ICS/SCADA manufacturers. What’s considered a very old trick in the IT world is still relatively new to those in OT.

It’s absolutely essential that organizations with ICS environments fully understand and embrace the fact that IT and OT are simply different environments within a single extended network. As such, cybersecurity needs to be implemented across both to produce a comprehensive security solution for the entire extended network. The most important way to securely embrace IoT is for IT and OT to work together as a team. By each relinquishing just a bit of control, IT can retain centralized control over the extended network – but with differentiated policies that recognize the specialized needs of OT environments.

We’ll never completely bulletproof our systems, but with comprehensive security solutions applied across the extended network that provide protection before, during, and after an attack, organizations can protect themselves from most of what’s out there. A significant step in the right direction is to understand that the airgap is gone forever; it’s time to protect our OT environments every bit as much as we protect our IT environments.

Tags: , , , , , , , , , , , , ,

Critical Infrastructure: How Smart Cities Will Transform Latin America

Although Latin America is a developing region, the area is making strides towards becoming more efficient, cleaner and more innovative—characteristics of smart cities and the Internet of Everything (IoE) are making it possible. Many people now beg the question, “Are smart cities real?” Wim Elfrink answers the question with a firm yes, referring to smart cities as tangible and necessary to foster economic and developmental growth.

With more and more people flocking to urban areas, cities that don’t embrace the digital economy will lag behind. Leading cities are reinventing themselves with real-time, networked applications to improve everything from traffic flow and parking to water usage and city-wide energy consumption. In some, passersby can instantly find nearby restaurants, shopping deals, mass transit and more at their fingertips through connected mobile devices.

Cisco_SmartCitiesLatinAmerica_DK_24

Internet of Everything Enabling Connected Cities
Recently, Cisco partnered with AGT to develop an upcoming Internet of Things-enabled traffic management system that Read More »

Tags: , , , , , , ,

The Nexus of the Internet of Everything? It’s in the Palm of Your Hand.

On a typical day, we hold in our hands a portal to our civilization’s entire trove of information and entertainment — and a window into our finances, our health, and the lives of our friends. Not to mention, the ability to make a purchase anywhere and anytime the whim strikes us.

To say that our personal devices have become an integral part of our lives is a vast understatement. But get ready for an even bigger wave of change. Mobile is poised to become ever more ubiquitous. But the focus will be less on the device itself, and more on its role as a critical enabler in the connected world of the Internet of Everything (IoE).

Read More »

Tags: , , , , , , , , , , ,

Open Innovation Everywhere: Extending Cisco Entrepreneurs in Residence to Innovation Hubs across the U.S

Back in March, I wrote about Cisco’s continued focus on innovation and my personal goal of accelerating innovation by making openness part of our DNA. Similarly, at the recent Cisco Live event in San Francisco, I talked about the incredible Inertnet of Everything (IoE) journey in front of us and offered a few examples of what that future might hold. The IoE future of hyper-connected devices, people, data and processes will see retail, manufacturing, public services and health care fundamentally changed—and our lives made richer and safer. Today, we stand at the dawn of a revolution, and innovation will continue to lead the way.

With both internal and external programs to feed innovation, Cisco aims to nurture disruptive ideas. In this light, we are using our new startup innovation program, Cisco Entrepreneurs in Residence (EIR), to spur open innovation and drive Cisco’s own leadership position in the emerging IoE opportunity.

The Entrepreneurs in Residence program offers financial support, access to a co-working space, basic software tools and a potential opportunity to collaborate with Cisco product or engineering teams. Each cohort lasts six months, and startups are selected through a rigorous multi-phase selection process that evaluates the viability of their business plans, the strength of their teams and their alignment with Cisco’s strategic focus.

Read More »

Tags: , , , , , , , , , , , , , , ,

Safeguarding Privacy in the Internet of Things

Jason KohnBy Jason Kohn,  Contributing Columnist

You can’t open a web browser these days without coming across a story on the Internet of Things (IoT), and the ways that connected, autonomous devices will revolutionize every industry. There’s a reason for the hype: Cisco forecasts 50 billion connected devices by 2020, with the potential to create more than $14 trillion in value for global businesses over the next decade.

But IoT also heralds another revolution, in the degree to which individual behavior can be tracked and analyzed. While much of IoT focuses on verticals like manufacturing, energy exploration, and industrial applications, where the massive data generated by fine-grained monitoring is almost entirely beneficial, IoT will also touch on a broad range of consumer devices. From transportation to home automation to connected medical devices, machines will be monitoring the behavior of individuals more than at any time in human history. This raises a number of serious questions about consumer privacy and information security.  Read More »

Tags: , , , , , ,