Securing Industrial Networks: Purpose & Importance

Instructor: Srinivasa krishna Goparaju
In this lesson, we will study the purpose and importance of securing industrial networks. Topics covered include air gaps, zero-day threats and the potential lag in identifying and assessing vulnerabilities in industrial networks.

Imagine the sudden shutdown of an automated power generation plant or the critical malfunctioning of an assembly line of a car manufacturing plant. The reason for both of these incidents could be a security breach in the network of systems which manage these operations. The consequences could be disastrous!

Purpose and Importance of Securing Industrial Networks

Industrial networks run critical infrastructure such as manufacturing, power plants, nuclear facilities, transportation, utilities and defense, to name a few. They consist of systems such as SCADA, DCS and PLC, as well as dedicated networks. They were built before the internet era and use legacy software and proprietary protocols for communication.

Due to business needs, industrial networks are increasingly being connected to IT networks. As a result, they are exposed to the security risks inherent in IT networks. These risks were not considered when industrial networks were built, and any unaddressed security vulnerability in the network may be exploited by malicious actors to attack not only data and IT systems, but also key operational and safety infrastructure.

Such breaches can cause disruption in production, malfunction of machinery, unscheduled shutdown of critical systems, and changes in process sequences leading to physical and environmental damage, human casualties and costly production downtime. In addition, a breach can attract stringent action by regulators and can result in loss of goodwill among stakeholders.

A recent example of such an attack is the "NotPetya" malware, which gained unauthorized access to an enterprise's IT network, intruded into the industrial network through a security loophole and caused considerable damage. At the Chernobyl nuclear plant in Russia, operators had to revert to older technology after radiation monitoring systems were shut down by this malware. This type of incident stresses the need to secure both an enterprise's IT network and its industrial network.

Air Gap

An air gap is a network security measure which disconnects the industrial network from the business network and the internet, preventing intrusion into the network. For example, an air-gapped computer cannot be connected either physically or wirelessly to other network devices. Air gapping is used to protect critical systems in sectors such as utilities and the chemical and power industries.
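
One way to verify that an air gap actually holds is to audit recorded network flows for any traffic that crosses the boundary. The following is an added example, not part of the original lesson; the address ranges, the CSV flow format and the function names are assumptions made for illustration, and the sample records are constructed.

```python
import csv
import io
import ipaddress

# Assumed address plan (hypothetical): air-gapped industrial zone and business LAN.
INDUSTRIAL_NETS = [ipaddress.ip_network("10.50.0.0/16")]
BUSINESS_NETS = [ipaddress.ip_network("192.168.10.0/24")]

# Constructed sample flow records: timestamp, src, dst, dst_port, protocol.
SAMPLE_FLOWS = """\
2024-01-10T08:00:01,10.50.1.10,10.50.1.20,502,tcp
2024-01-10T08:00:05,10.50.1.20,10.50.2.7,44818,tcp
2024-01-10T08:01:12,192.168.10.44,10.50.1.10,502,tcp
2024-01-10T08:02:40,10.50.2.7,203.0.113.9,443,tcp
2024-01-10T08:03:00,192.168.10.44,192.168.10.1,53,udp
"""

def in_any(addr, nets):
    return any(addr in net for net in nets)

def audit_air_gap(flow_csv):
    """Return every flow with exactly one endpoint inside the industrial zone."""
    violations = []
    for row in csv.reader(io.StringIO(flow_csv)):
        if not row:
            continue  # tolerate blank lines in the export
        ts, src, dst, port, proto = row
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        src_in = in_any(src_ip, INDUSTRIAL_NETS)
        dst_in = in_any(dst_ip, INDUSTRIAL_NETS)
        if src_in == dst_in:
            continue  # both inside the zone, or neither: no boundary crossing
        peer = dst_ip if src_in else src_ip
        violations.append({
            "time": ts,
            "direction": "outbound" if src_in else "inbound",
            "industrial_host": src if src_in else dst,
            "peer": str(peer),
            "peer_type": "business" if in_any(peer, BUSINESS_NETS) else "external",
            "service": f"{proto}/{port}",
        })
    return violations

if __name__ == "__main__":
    for v in audit_air_gap(SAMPLE_FLOWS):
        print(v)
```

On a network that is truly air gapped the function returns an empty list; any entry identifies the industrial host, the outside peer and the service that bridged the gap.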

Zero-Day Threats

A zero-day threat is the risk of exploitation of an undetected security vulnerability which is unknown to software developers and software vendors. It is referred to as a zero-day threat because there are zero days between the time the vulnerability is discovered and the very first attack.

Zero-day attacks occur within the vulnerability window. This window is the time between the first attack and the time at which the vulnerability is fixed. Zero-day attacks are designed to cause maximum damage, normally within one day. The vulnerability window could range from a short period to multiple years.

Recent incidents of zero-day attacks are the "WannaCry," "NotPetya" and "Industroyer" malware. These malware strains attacked industrial networks and hindered critical processes, leading to power outages, emergency shutdowns and loss of production.

Reasons for Delay in Identification and Assessment of Vulnerabilities

Analysis of these attacks revealed that industrial networks sometimes lag behind in identification and assessment of vulnerabilities in the following ways:

Non-Visibility of Industrial Network

IT teams in most companies do not have visibility into their industrial network, and it is difficult for them to check and fix vulnerabilities in the legacy software and proprietary protocols on which these networks were built. These security vulnerabilities can be exploited by attackers and cause harm to industrial operations, as demonstrated in the case of the Industroyer malware attack.

Lack of Security in Legacy Systems and Devices

Because the systems and devices in industrial networks were developed and deployed well before the internet era, they lack the security mechanisms needed to counter present-day cyber threats.
