Friday, August 14, 2015

Greater cybersecurity for satellite & SCADA

Two markets that rely on Uplogix out-of-band management are playing catch-up when it comes to network security compared to many other industries. It's not that satellite and SCADA networks don't care about security, it's just that for a long time they've been physically isolated from


much of the danger. That time has definitely passed.

The World Teleport Association reports an increase in concern about cybersecurity across the satellite industry. As companies have switched to IP-enabled equipment, more access points are opening up for cyber attack.
“In the last 10 years both satellite and teleport operators on the ground, as well as other players in the satellite ecosystem, have put a lot of equipment into their operations that are all IP-enabled. They made the switch to IP because it created a lot of cost savings in terms of their internal networks and created a great opportunity for control,” said Robert Bell, executive director of the WTA. “But, every time you have a device that touches the network and talks Internet Protocol, you are creating another threat. People are beginning to look at that and think about it because all that equipment is through the transmission chain.”
The WTA said there are wide disparities between vendors, and recommended all teleport operators to take actions to thwart attacks before they occur. They said the common focus is more on detection of threats, and not enough on the prevention of the threat.

At the recent Black Hat USA conference in Las Vegas, SCADA networks captured headlines. Researcher Robert Lee of Dragos Security and an active-duty US Air Force Cyber Warfare Operations Officer said that he believed that many critical industrial control systems (ICS) could be, are likely currently are, compromised. Man-in-the-middle (MITM) attacks could cause issues on live systems by sending wrong, spoofed, fake or incorrect data that could result in anything from a nuclear plant shut down or forcing an unknown or hazardous state on an industrial tool.

The reporting of vulnerabilities found by researchers like Lee is just the first step in the process of locking down the critical systems. Unfortunately it's a long process. Patching of SCADA and ICS in live environments averages 1-3 YEARS.

Uplogix is part of the security posture in satellite and SCADA networks. Both often deploy gear to far-flung places, making out-of-band access a key feature for remote management. By maintaining and enforcing AAA regardless of the state of the network, just because the network is down or degraded, security policies are enforced.

Access to remote gear is thoroughly logged for audit and compliance reporting. Our customers know who did what, and with what impact on the device.  Device configurations are stored locally and can be set up to roll-back automatically, ensuring only a "golden" config is running on devices.

Today Uplogix is deployed on miles of pipeline supporting SCADA networks, and also enables military communications networks to be managed half-a-world away, minimizing risk to the operators and ensuring better service for those who need it the most. When it comes to cybersecurity in these critical networks, we're part of the solution.