US and Asia in network segregation forefront
Governments and industry bodies around the world are working hard to secure critical infrastructure. Breaches in recent years, including the hack of a Ukrainian power station, the Shamoon virus infections at multiple organizations in the Middle East and the global outbreak of the WannaCry virus that infected 230,000 computers in 150 countries, have raised concern but also increased awareness. Still, there are many differences when it comes to enforcing specific measures that boost security and data integrity.
The United States appears to have the strictest rules and regulations. The NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) plan, for example, requires nuclear power plants to segregate networks using uni-directional technology. This can be done with devices that allow network traffic (data) to move in only one direction. Such devices are often called data diodes. In other parts of the world rules are less strict, but governments and industry bodies increasingly advise segregating critical infrastructure networks. One example is France, where ANSSI and the government strongly advise using a data diode. The same applies in Italy and Germany, where the relevant government bodies advise businesses to deploy data diodes as an extra layer of security.
Command & control
Data diode technology makes it impossible to, for example, take over an Operational Technology (OT) system in a power plant. In the Ukrainian power plant breach, such a takeover was exactly what happened: hackers stole credentials from workers and managed to bring command and control functionality into the power plant’s OT system. With a uni-directional approach using a data diode, this incident would have been prevented.
Singapore as an example
Singapore is obviously at the forefront of these developments. The country developed a practical National Cybercrime Action Plan (NCAP), which may well serve as an example to other parts of the world. The plan was launched in July 2016 to establish a coordinated national effort to deal with cybercrime. Singapore focuses on a variety of measures, including educating and empowering the public to stay safe in cyberspace, enhancing the government’s capacity and capability to combat cybercrime, and strengthening legislation and the criminal justice framework to support the investigation of cybercrimes and the prosecution of cybercriminals. Furthermore, the country wants to build a trusted data ecosystem by fostering trust between organizations and users for data usage. One of the ways to do this is to separate internet surfing from the networks that hold classified data.
High-profile breaches in recent years have underlined the importance of segregating critical infrastructure networks that would otherwise be prone to threats from the public internet. Fortunately, many organizations and businesses acknowledge this and have started to deploy relevant technology. That is the only way to safeguard critical assets and prevent large-scale downtime of systems.