Last week, I was briefed on the partnership that was announced between Siemens and McAfee (a division of Intel Security). I had to admit there were a couple of moments where I seriously thought about building a bunker, because I was confronted with information about the massive number of increasingly connected systems in power plants and factories that, up until now, haven’t been adequately protected. Finding out how fragile the power grid is in the U.S. (and elsewhere), it wasn’t hard to imagine a power outage across the entire country (or Europe).
Apparently Siemens, who provides core technology for systems ranging from power plants to maglev railways, realized that it needed a resource that could mitigate the risk of attack upon such systems, and McAfee was chosen to help with the solution.
Let’s talk about the fragile systems behind the large power networks and other industrial processes that are used across the U.S. and why you might want to join me in my fictional bunker.
Rush to Network
To automate software updates, simplify management, and reduce labor costs, a massive effort has been made to network everything from numerical control machines in factories to trains. However, many of these systems are decades old and were never intended to be connected to a network that wasn’t secure. These systems have little individual defense against unauthorized access, malware, or employees acting against the best interest of the company, because they were not originally created to be networked or because the network the systems were attached to was assumed to be secure.
But existing security practices fell far behind capabilities developed by hackers in the last decade. Knowing this, it’s most likely today’s industrial systems fall into one of two categories: those that have been breached and the company knows about it and those that haven’t discovered the breach yet. In this era, it’s more realistic to assume your network has been compromised in some critical fashion, but the perimeter security of the past was inadequate and, once breached, didn’t even report on the failed attempts, so attackers could continue to try to get in with impunity for extended periods.
A security start-up informed me late last week of a new class of virus that piggybacks onto a legitimate user’s login and then acts independently using the user’s privileges to wire money out of bank accounts to places such as Nigeria. Apparently, it is difficult to get the money back because the bank records detail that the user logged in from a known machine and responded to the challenge questions accurately. This is the digital equivalent of tailgating someone through a security door to bypass a building access system.
Apparently, McAfee’s security information and event management (SIEM), endpoint and next-generation firewall (NGFW) solutions provide the keys to finally securing our industrial systems. They not only wrap internal systems with reporting monitors that look for unusual activity, but they report back failed attempts to breach security across a broad spectrum of entry points so that proper countermeasures, often automated, can be deployed to protect the attacked site in real time.
Siemens takes the McAfee components and wraps them with its own services to secure all aspects of the enterprise from both internal and external threats. Siemens knows which systems need to be protected and McAfee provides tools to enable that protection. Because McAfee is agnostic to the hardware vendor, the solution can flow across manufacturing, corporate IT, and even remote sites.
Because a partnership with a segment expert like Siemens is critical to ensuring the result meets expectations, McAfee has also partnered with S&C Electric, NEC, Schneider, Invensys, Schweitzer, Subnet and Westinghouse on similar efforts.
Wrapping Up: What You Don’t See Can Hurt You
While we have been looking hard at protecting our servers and clients, much of our manufacturing and power infrastructure has gone under protected. That will be a problem for someone, likely a big one, but luckily partnerships have come about to help mitigate this problem. Regardless of who your primary partner is for the growing corporate Internet of Things, it would be wise to sit down with them and review their security solution before someone demonstrates how much your generators and industrial equipment currently lack strong security.
It probably goes without saying that if you don’t currently have backup power, getting backup power should be a high priority. We all may need it, shortly.