A new report by Trend Micro, a cybersecurity actor conducting research, reveals how vulnerabilities in protocol gateways can result in serious cybersecurity attacks. This information could be of high importance for businesses working in industrial environments as they often manage critical systems that could affect a great number of people if not handled properly.
How do Protocol Gateways Work in SCADA Environments?
Protocol gateways enable the translation of protocols for the different devices, such as machines, computers and sensors, that operate in an industrial environment and make it possible for them to communicate with each other.
Attackers Target Protocol Gateways
These protocol gateways do not get much attention but have been proven vital for the security of Industry 4.0 environments. If there are vulnerabilities in the translation function it opens up for sabotage. Undetected changes can be made after the crafted packets pass through the protocol gateway where they turn into malicious requests.
Trend Micro has analysed five different protocol gateways and has found the following weaknesses, amongst others:
- Vulnerabilities in authentication that enables unauthorised users to gain access
- Weak implementation of encryption making it possible to decrypt configuration databases
- Weak implementation of confidentiality mechanisms enabling the exposure of sensitive information
- Conditions for denial in service where the system crashes
- Vulnerabilities in the translation function that can lead to sabotage
How you Protect your SCADA Environment According to Advenica
In regard to the problems explained in the article by Trend Micro, Advenica has relevant solutions. We have extensive experience of solutions where networks can be physically isolated at the same time as information can be securely transferred. These solutions can enable accelerated digitalisation without jeopardising the accessibility and integrity of the OT systems. SCADA (Supervisory Control and Data Acquisition) systems must be handled securely as the consequences of an attack could be severe. Since there is a need for transferring information to other systems, special solutions are needed to get a secure transfer.
To safeguard ICS and SCADA systems, segmentation must be applied with high assurance solutions to guard the physical isolation yet enable completely secure communication. By monitoring logins, failed login attempts, transactions, USB usage etc., effective preventive measures can be mapped out and damage control can be taken without delay. To ensure integrity and confidentiality, military-graded solutions are required.
In short, the following solutions are needed:
- Physical separation of IT and OT using. Read more here and here!
- Use data diodes in the zone border for outbound data flows from OT. Read more here!
- Information allowlisting in the zone border. Read more here!
Also read our customer case “Cyber security in critical infrastructure – a matter of national interest and business value” – a case that describes how a large energy company secures its operation with solutions from Advenica.
If you would like to know some more about digital responsibility– or if you need some help with cybersecurity solutions to raise information security – you are most welcome to contact us at Advenica.
Read the whole report by Trend Micro here.