Compliance is essential in an industrial environment. Industrial-grade wireless networks follow strict security standards and guidelines specific to critical industries and protect against common vulnerabilities and exposures (CVEs). Most cyberattacks in industrial environments have involved unpatched systems, legacy equipment, and vulnerabilities in underlying networks.
Initiatives such as NVD [18] (National Vulnerability Database) and CVE [19] provide vulnerability databases with standardized identifiers to facilitate communication of information about common vulnerabilities in software products to industry professionals and the public.
Modern wireless networks leverage operating systems and software products. This can expose an otherwise-secure industrial control environment to cyber vulnerabilities. Given this reality, industrial-grade wireless networks must leverage operating systems that remain up to date on patches and issue fixes for CVEs as a continuous process.
A physical attack on a network device that makes the network unavailable or injects malware into the network can lead to data leakage, or even remote control of an ICS component. For example, in 2017, an employee used a USB drive to download and view a movie on a critical infrastructure computer in the Middle East. The user did not realize that this action released malware, later dubbed Copperfield by Nyotron, the company responsible for detecting it. Copperfield resulted in data leakage, network scanning and remote control of an ICS workstation.
Similar physical-to-cyberattacks can happen when an attacker gains physical access to a networking device with weak local authentication and launches a cyberattack by making the network unavailable. Industrial-grade wireless networking devices implement hardware security controls to prevent physical tampering.
It is also important to remember that OT systems differ from traditional information technology (IT) systems in their cybersecurity priorities. IT systems manage information, whereas OT systems manage physical processes.
The primary function of OT is to enable safe working environments and protect capital-intensive assets while maximizing overall system uptime and availability. The goal of ensuring the integrity of stored data and protecting the data's confidentiality is important to OT systems, but usually secondary to the goal of availability.
In the world of IT, on the other hand, data confidentiality is primary, followed by data integrity and then by maintaining a high degree of availability. It is this difference of priorities that often leads to heated debates among IT and OT professionals within critical industries when discussing how to allocate resources to secure a network. The United States National Institute of Standards and Technology (NIST) also highlights this difference in its guide on industrial wireless systems deployment.
Generally, IT systems defend against data extraction, so encryption used to provide confidentiality is of primary concern. In OT systems, confidentiality is still important but secondary to availability. While eavesdropping can provide access to information, which can facilitate a future cyberattack or reverse engineering of proprietary methods and design, confidentiality cannot be achieved at the expense of system downtime. Overall, to secure the physical environment, industrial wireless networks need to focus on these key pillars: