Strategies for Defending Against Cyber Attacks on Critical Infrastructure

Featured article by Peter Galvin, Vice President of Strategy, Thales e-Security

Historically, the primary goal of cyber criminals has been to steal data that the criminals find valuable: personally identifiable information, intellectual property and so on. That digital information would then be converted, via fraud or other means, into real-world cash. Today, however, we are being confronted by attacks that directly affect the physical world – those launched against power grids, water systems and other crucial infrastructure.

Several countries are now at risk of a potentially devastating attack against their energy infrastructure, according to Christopher Frei, director general at the World Energy Council. The Council’s World Energy Issues Monitor report states that the risk from cyber threats has increased, specifically in North America and Europe. “A clearer understanding of the nature of cyber risk and mitigation measures for energy infrastructure is necessary, in an environment of increasing interconnectivity and emerging technologies.”

The national power grid and other critical national infrastructure are now in danger of being disrupted by nation-state hackers. And though nation-state threats, while very real, may seem a rare and remote Hollywood possibility, any increase in the possibility of such attacks will lead to an escalation in disruption as opportunistic attackers jump on the bandwagon and exploit vulnerabilities for their own ends.

An attack against the Ukrainian power grid in December of last year caused power outages that impacted over 200,000 people. The power companies, caught in the middle of the hack, described it as a sophisticated attack comprised of a vicious cocktail of phishing and a form of malware named “BlackEnergy.”

Threats from Within and Without

The hackers responsible for the Ukrainian attack were able to access the network initially via email, but it’s only a matter of time before hackers find their way in via any of the many possible devices connected to the target network. Critical infrastructure today relies on data transfers between devices like water sensors and water valves, for instance. These networks now depend on machine-to-machine and person-to-machine communication between hardware devices and IT and software devices.

It’s clear that the IoT and M2M open the door for substantial cybersecurity risks. Hackers have already demonstrated that they can take over any device with an IP address—including webcams, printers and baby monitors—and a guessable password and use it for their own purposes.

Another reality that must be addressed is the influx of third-party vendors who need access to an organization’s network. The catastrophic 2013 Target breach was made possible by hackers gaining access to the company’s HVAC vendor’s credentials. There are as many IoT threats as there are network endpoints, and organizations have taken notice. MarketResearchReports.biz predicts that the IoT security market will grow at a CAGR of 55 percent between 2016 and 2020. They project that the utilities sector will drive the demand due to extensive implementation of smart meters and IoT for utility management systems such as gas, energy, water and oil.

Leveraging Existing Infrastructure

It is crucial to recognize that civil infrastructure providers and heavy industry are not building their own networking, data handling and security technologies. Rather, they must reuse what the IT industry has already provided, both on-premises and increasingly in the Cloud. This means that without expert adaptation, they will experience the same kinds of problems that have been going on for years in IT – except that because critical infrastructure is involved, the repercussions are potentially devastating if things go wrong.

All these disparate “things” need a system to establish appropriate levels of trust. But just as organizations can inherit security risks from using what they already have, they can also benefit from existing infrastructure. Public key infrastructure (PKI) has been playing a quiet security role for decades, issuing credentials used to perform strong authentication, validating integrity of transactions and securely exchanging keys used to ensure confidentiality of communications between systems and devices. It’s only natural, then, that the security challenges presented by the IoT are causing a resurgence of interest in PKI.

As with the global payments network and the SSL/TLS fabric we use every day, crypto and PKI technologies have already been proven in large-scale systems. That’s important, because the data that systems receive must be reliable; it will be used to make decisions like which control valve to turn on or off, or when to shut off someone’s electricity. These devices must provide trustworthy information to the infrastructure provider (such as an energy utility), often employing data analytics that span millions of such devices. Users, service providers or even regulators need to authenticate that they are talking to the correct device, that the device is functioning properly and has not been tampered with, is configured correctly and that data is protected when at rest, in use or in motion.

Cue the HSMs

The tricky thing about cryptography, though, is that it’s extremely dependent on the integrity of its key management systems and practices. Organizations can’t afford to assume that the cryptographic infrastructure that underpins the integrity of PKI’s identity assertions is solid. The idea that a utility’s keys and PKI could be compromised, resulting in a downed power grid or endangered water supply, is no longer the stuff of fiction.

Hardware security modules (HSMs), the means by which trustworthy digital identities are secured, have become more mainstream and relevant in the light of this very possible scenario. HSMs provide a hardened, secure root of trust to enable a higher degree of security when deploying cryptographic technology. Software-based crypto can’t touch this level of security.

A hallmark of HSMs is that they significantly increase the likelihood of deploying cryptography in a secure and unbreakable fashion. For organizations dealing with a high volume of keys, they are an essential component of the modern, hardened crypto system and are no longer optional.

Keeping Vital Service Online

The idea of malicious actors taking out a power grid is no longer the sole purview of a movie plot; it’s already happened. The IoT introduces billions of new end points that raise security concerns, but it finds a natural security partner in an expanded use of PKI, which has a proven track record of helping to bring resolution to high-assurance challenges. As IoT proliferates, PKIs and their associated digital certificates stand ready to secure the growth of Internet-connected devices.

As a partner to PKIs, HSMs offer a hardened and secure trust anchor to enable the integrity of digital identities and strong key management. Those tasked with safeguarding our nation’s critical infrastructure must now use these tools, already embedded in the network, to create the strongest possible cyber defense posture. There’s just too much at stake to not do everything possible to protect these vital services.

About the author:

Peter Galvinis a product and marketing strategist for Thales e-Security with over two decades of experience in the high tech industry. He has worked for Oracle, Inktomi, Openwave, Proofpoint, and SOASTA.