Cisco Blogs


Cisco Blog > Internet of Everything

HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments

July 3, 2014 at 7:00 am PST

The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and specifically power plants based in Europe, seems to be the primary target. See Cisco’s security blog post for technical details on this latest variant.

When I discuss security with those managing SCADA, ICS and other OT environments, I almost always get the feedback that cybersecurity isn’t required, because their systems are physically separated from the open Internet. This practice, referred to in ICS circles as the “airgap”, is the way ICS networks have been protected since the beginning of time; and truth be told, it’s been tremendously effective for decades. The problem is, the reality of the airgap began to disappear several years ago, and today is really just a myth.

Today, networks of all types are more connected than ever before. Gone are the days where only information technology (IT) networks are connected, completely separated from OT networks.  OT networks are no longer islands unto themselves, cut off from the outside world. Technology trends such as the Internet of Things (IoT) have changed all of that. To gain business efficiencies and streamline operations, today’s manufacturing plants, field area networks, and other OT environments are connected to the outside world via wired and wireless communications – in multiple places throughout the system! As a result, these industrial environments are every bit as open to hackers and other cyber threats as their IT counterparts. The main difference, of course, is that most organizations have relatively weak cybersecurity controls in these environments because of the continued belief that an airgap segregates them from the outside world, thereby insulating them from cyber attacks. This naivety makes OT environments an easier target.

The authors of HAVEX certainly understand that OT environments are connected, since the method of transmission is via a downloadable Trojan installed on the websites of several ICS/SCADA manufacturers. What’s considered a very old trick in the IT world is still relatively new to those in OT.

It’s absolutely essential that organizations with ICS environments fully understand and embrace the fact that IT and OT are simply different environments within a single extended network. As such, cybersecurity needs to be implemented across both to produce a comprehensive security solution for the entire extended network. The most important way to securely embrace IoT is for IT and OT to work together as a team. By each relinquishing just a bit of control, IT can retain centralized control over the extended network – but with differentiated policies that recognize the specialized needs of OT environments.

We’ll never completely bulletproof our systems, but with comprehensive security solutions applied across the extended network that provide protection before, during, and after an attack, organizations can protect themselves from most of what’s out there. A significant step in the right direction is to understand that the airgap is gone forever; it’s time to protect our OT environments every bit as much as we protect our IT environments.

Tags: , , , , , , , , , , , , ,

Telstra Building the Foundation for Premium Cloud Services

Internet traffic in Australia is set to grow 3-fold from 2013 to 2017 according to the latest data from Cisco’s Visual Networking Index (VNI). However, if we “look behind the curtain” there is more to this story beyond just greater bandwidth demand as both consumers and enterprises are increasingly adopting cloud-based services. This move to the cloud provides a new opportunity for traditional service providers since they can uniquely combine network infrastructure and data center capacity to deliver premium cloud services with an SLA guarantee. Australia’s leading telecommunications and information services company, Telstra, has established itself as a trusted provider of cloud services, such as collaboration and management applications, to customers. They’re achieving this with a new architectural approach that enables a next generation Internet experience combining networks, data centers and applications together while ensuring resiliency, low-latency performance, and programmability.

Telstra recently announced Read More »

Tags: , , , , , , ,

Critical Infrastructure: How Smart Cities Will Transform Latin America

Although Latin America is a developing region, the area is making strides towards becoming more efficient, cleaner and more innovative—characteristics of smart cities and the Internet of Everything (IoE) are making it possible. Many people now beg the question, “Are smart cities real?” Wim Elfrink answers the question with a firm yes, referring to smart cities as tangible and necessary to foster economic and developmental growth.

With more and more people flocking to urban areas, cities that don’t embrace the digital economy will lag behind. Leading cities are reinventing themselves with real-time, networked applications to improve everything from traffic flow and parking to water usage and city-wide energy consumption. In some, passersby can instantly find nearby restaurants, shopping deals, mass transit and more at their fingertips through connected mobile devices.

Cisco_SmartCitiesLatinAmerica_DK_24

Internet of Everything Enabling Connected Cities
Recently, Cisco partnered with AGT to develop an upcoming Internet of Things-enabled traffic management system that Read More »

Tags: , , , , , , ,

IoT in Manufacturing: Insights and Best Practices

IoT Webcast Manufacturing net

Recently, the second of a two-part Manufacturing.net webcast series on ‘The Internet of Things ’ (IoT) wrapped with a deep dive on the very real business advantages and outcomes that are enabled when IoT is fully applied to Manufacturing operations. One of the speakers, David Gutshall, Infrastructure Design Manager at Harley-Davidson Motor Company, highlighted many advantages he’s experienced with deployments of the Converged Plant-wide Ethernet solution architecture from Cisco and Rockwell Automation. In the webcast, David talked about “greater manufacturing flexibility across the supply chain, where … we can collate data across the factory (and enterprise) … and have experienced a substantial reduction in downtime.”  He described that with an IP-enabled Connected Factory, “what used to take hours or days to triage and troubleshoot problems now takes seconds.” Expanding on the topic, David said “when we bring a new machine online, it essentially works with the network out-of-the-box,” yielding greater flexibility and significantly reducing new model NPI (New Product Introduction) cycles and time to market.

Similar companies, like General Motors, have leveraged this industrial automation and controls system (IACS) architecture, which GM calls ‘Plant Floor Control Network’ (PFCN), to reduce downtime by as much as 75% and to drive out hundreds of $millions in plant engineering, operations and maintenance costs associated with factory expansions and modernizations. Both GM and Harley identify one of the biggest advantages of a standardized yet flexible factory automation infrastructure is the acceleration of NPI offerings and advancement into new markets. Over the past decade, GM with partners has been able to gain a leading share of passenger vehicles produced in China, Brazil and other emerging markets. And as Harley rolls out their recently announced LiveWire electric motorcycle, I suspect that an integral part of their strategy includes the American manufacturing renaissance vision for a dynamic, fun, flexible factory of the future. Take a look at this inspirational video from Harley describing the modernization and transformation of their existing York Manufacturing Facility:

Read More »

Tags: , , , ,

Open Source at The Large Hadron Collider and Data Gravity

I am delighted to announce a new Open Source cybergrant awarded to the Caltech team developing the ANSE project at the Large Hadron Collider. The project team lead by Caltech Professor Harvey Newman will be further developing the world’s fastest data forwarding network with Open Daylight. The LHC experiment is a collaboration of world’s top Universities and research institutions, the network is designed and developed by the California Institute of Technology High Energy Physics department in partnership with CERN and the scientists in search of the Higgs boson, adding new dimensions to the meaning of “big data analytics”, the same project team that basically set most if not all world records in data forwarding speeds over the last decade, and quickly approaching the remarkable 1 Tbps milestone.

Unique in its nature and remarkable in its discovery, the LHC experiment and its search for the elusive particle, the very thing that imparts mass to observable matter, is not only stretching the bleeding edge of physics, but makes the observation that data behaves as if it has gravity too. With the exponential rise in data (2 billion billion bytes per day and growing!), services and applications are drawn to “it”. Moving data around is neither cheap nor trivial. Though advances in network bandwidth are in fact observed to be exponential (Nielsen’s Law), advances in compute are even faster (Moore’s Law), and storage even more.  Thus, the impedance mismatch between them, forces us to feel and deal with the rising force of data gravity, a natural consequence of the laws of physics. Since not all data can be moved to the applications nor moved to core nor captured in the cloud, the applications will be drawn to it, a great opportunity for Fog computing, the natural evolution from cloud and into the Internet of Things.

Congratulations to the Caltech physicists, mathematicians and computer scientists working on this exciting project. We look forward to learning from them and their remarkable contribution flowing in Open Source made possible with this cybergrant so that everyone can benefit from it, not just the elusive search for gravity and dark matter. After all, there was a method to the madness of picking such elements for Open Daylight as Hydrogen and Helium. I wander what comes next…

Tags: , , , , , , , , , , , , , , , , , ,