I often read articles about Cyber Security and find they get so deep so fast it can feel overwhelming. Know the feeling? I thought so. Anyone that knows me has probably heard me say, “doing something, anything, to improve your security position is a good thing – no matter how big or how small – because it will make you better today than you were yesterday.” I stand by that.
But the question often becomes – okay, what is that something?
In various presentations and seminars I have given, we have provided some ideas, but I recently stumbled upon an article called “Securing the Connected Enterprise” from Electroindustry, the NAED journal, that I thought did a really nice job identifying nine key areas to look at, at least three of which I’d really encourage you to go act on now:
At the bottom, there is a link to the full article but let’s look at a few of these:
As the article calls out, creating smaller network segments within your overall plant network provides, “…better security, easier maintenance, and more robust networks.” There is no doubt this is true, but segmenting also creates more work. So why should you start segmenting? A few reasons cited include:
Default passwords serve a purpose; there is no doubt about that. They are extremely useful to users and vendors to quickly configure a device out of the box. BUT, they create an extreme vulnerability. I think we all know that, so why do we keep using them?
The recent Mirai botnet attack shows us an example of why we must stop – more than 300,000 IoT devices that were using default or weak passwords were used to create a traffic storm. These devices created nearly 600 Mbps of traffic after someone figured out how to get all the devices, which were using poor passwords, to launch an attack simultaneously.
If a traffic storm like that ever happened on a plant network, it would crumble almost instantaneously.
In addition, if that example doesn’t convince you, earlier this month a group called SCADA StrangeLove published a list of default passwords for over 100 Industrial Control System products. Not that they weren’t easy to get a hold of before, but at least it took a little research, maybe a keystroke or two. Not anymore! See “Researchers Disclose Default Credentials for Over 100 ICS/SCADA Products.”
Lastly, it is important to try to stay as informed as possible. With the critical role networks are taking in our plants, keeping up on news regarding security is just as important as fine-tuning your PLC skills. Keep track of security events and vulnerabilities by developing a list of a few different trusted sources that can be scanned each day for issues that affect you.
Here is a list of some of my favorites:
In summary, these are just some things to consider. In a prior role, I often said “The Time to Act is Now,” and I wholeheartedly believe that – no matter how big or how small – I challenge you to do something today to improve your plant’s security position.
PS – if you are interested in reading the full article, it can be found on page 11 of the January 2017 Electroindustry publication.
PPS – Have questions or need some help thinking through your starting point? The newly formed Networking Group at Rumsey can help. Just send us a note with your thoughts and what areas you might need help with.