The 2021 Global Threat Intelligence Report (GTIR) revealed that there was a 300 per cent increase in cyberattacks during 2020. Reinhard Mayr, Head of Information Security and Research Operations at COPA-DATA, explains why a secure Internet gateway is crucial for industry to combat rising cyber threats.
This growing cyber threat puts energy grids more at risk than ever before, yet some of the cyber security protocols in this sector still lack sophistication. A secure Internet gateway is an essential component when building a safe entry point into a critical infrastructure. It helps to protect OT (operational technology) infrastructure from online threats by filtering Internet-bound traffic and is therefore embedded in security standards. All security-related standards, such as the IEC 62443, the BSI or the NIST SP 800 series, demand secure access to critical OT infrastructure.
These standards address not only a secure web gateway or connection, but also the need for a company to implement a demilitarised zone (DMZ) for more OT protection. Simply put, a DMZ is a physical or logical component that separates a local area network (LAN) from other untrusted networks, acting as a buffer zone between the public Internet and the private network. All inbound network packets are screened using a firewall, or other security appliance, before they arrive at the servers hosted in the DMZ.
Operators require the appropriate software to follow these cybersecurity measures. The next section explains some key aspects of achieving this.
Revamping existing systems
A secure Internet gateway can be implemented without negatively impacting existing systems, such as human-machine interfaces (HMIs) and supervisory control and data acquisition (SCADA). This is particularly relevant to users in a brownfield environment, where they need to add new software to existing – and often ageing (hence the term ‘brownfield’ rather than ‘greenfield’) – infrastructure without causing interference.
A web gateway, such as a DMZ, also needs to support other commonly accepted security standards, like transport layer security (TLS) encryption and digital authentication methods. It must also integrate seamlessly into the existing infrastructure and support different methods of deployment, from a native local installation to a containerised option.
Containerisation simplifies administration and is another step to making systems secure. Here, containerisation implements tools and policies to ensure that container infrastructure, apps and other container components are protected. Applications run in isolated user spaces, called containers, using the same shared operating system.
Software like COPA-DATA’s zenon Service Grid is easy to implement in brownfield applications. Its design allows access to data without impacting existing infrastructure. This is particularly crucial for energy grids and infrastructures that contain legacy equipment. This method can help to prevent an unwanted DoS (denial of service) from blocking an operator’s path to information systems, devices, or other network resources due to a malicious cyber threat.
Up to the standard
Scenarios such as the above are recognised in the security industry standards and must be supported by software.
Continuing with our aforementioned example, COPA-DATA’s zenon Service Grid communicates using certificate-based TLS connections, ensuring secure transmission of information, even over public networks. Here, the software’s Identity Service handles data flows and access rights over the web, which is crucial for a secure web gateway.
The Identity Service technology does this by providing high, project-specific security standards and checking all connection requests from all service grid connections. This service also includes a web-based interface to configure access clients, user roles and access rights.
Greater protection and a higher level of sophistication are a necessity in cybersecurity measures for the energy sector. And with the right software, adhering to industry standards and providing a more secure Internet gateway, users can protect their critical OT infrastructure to significantly reduce the number of cyber security attacks.