News

For Industrial Control Systems, often described as Supervisory Control and Data Acquisition (SCADA), availability and safety are the two top priorities. However, security has now become a major issue and therefore must not be ignored.

Security of Industrial Control Systems: an issue linked to remote connections

Industrial control systems are becoming increasingly connected. Firstly, these connections are established to link production management or planning tools (MES, ERP) with the production facilities themselves, but connections may also be established for remote access to facilities (remote diagnosis, remote maintenance and sometimes even remote management).
All of these remote actions are very widespread, if only for the obvious reasons of cost reduction and availability. They increase the exposure of these systems which are sometimes old and therefore vulnerable.
In the case of the Stuxnet attack (attack on the Iranian nuclear enrichment programme in 2010) exploiting numerous zero-day vulnerabilities in all of the elements of the control system made it possible to carry out a Man-in-the-Middle attack, giving incorrect instructions regarding rotational speeds that ultimately caused permanent damage to the centrifuges… More recently, the customer records of the US retailer Target were hacked by an attack on the store air-conditioning management network. At the time, the cash registers and air conditioners were linked to the same local area network in the stores, and it is more cost-efficient to have a remote monitoring system for the store temperature at night and during the weekend…

So how can we protect industrial control systems?

Wallix AdminBastion Suite makes it possible to centralise remote access to industrial control systems, making them safer and entirely traceable. Installed on a virtual or hardened appliance, WAB Suite constitutes a genuine access control and monitoring system.
WAB Suite enables you to:

• Identify the origin of all remote actions
• Define rights
• Generate temporary and/or planned access
• For automation specialists and auditors, to visualise the actions carried out real-time (integration with applications such as Webex and Team Viewer)
• For the remote administrator, to keep target passwords secret (if there are any!).
• Define a list of authorised and forbidden actions.
• Visualise sessions afterwards, for the purpose of diagnosis, tutorials or allocating time spent, as all connection data is transmitted in Syslog format to the company's SIEM system for forensic analysis.

In connection with work carried out on behalf of common customers in summer 2016, Siemens, a forerunner in secure automation solutions, was able to test the WAB Suite. Jean Christophe MATHIEU, PSSO of the Siemens group in France, states:

"WAB provides a real zone of confidence for remote connections to industrial control systems, in a totally transparent manner and without loss of performance for users".
For interconnected systems (as is the case for all of the refining systems of world leaders in the oil and gas industry throughout the world), WAB Suite, installed on a DMZ in the corporate network will make it possible to filter administrative access to SCADA command control systems, making it possible to provide the required access control and security.

Post by: stormshield.eu