By Olivier Pauzet, Sierra Wireless, and Art Maria, AT&T
Utility networks are in the crosshairs of a broad range of threats. More malicious actors are online than ever before looking for vulnerabilities to exploit.
At the same time, the industry is relying more on wireless networks to support critical applications, which must be secured. Many of the supervisory control and data acquisition (SCADA) and distribution automation (DA) systems now running over wireless networks were built with early technologies that may be vulnerable to modern hacker attacks.
As smart grid initiatives connect more computers, control systems and metering infrastructures, utilities now must secure an even larger number of cyberpathways. In this hyper-connected environment, a successful attack could be widespread and damaging.
Faced with these challenges, some utilities secure wireless-enabled grids by building and operating a private wireless communication network themselves. A private network does not necessarily mean a secure network, however. While utilities are proven experts in energy distribution and smart grids, they may not be able to provide the latest, most comprehensive industry knowledge in wireless network design and management.
A solution: Work with established commercial carriers and wireless technology leaders to secure the network. By trusting companies that design and manage secure wireless networks–and that already protect sensitive government and financial communications every day–utilities can defend against cyberthreats.
Understanding the Threat
Cyberattacks on critical electrical systems are no longer science fiction; they are a real and growing danger. Just as the Internet has accelerated product development in many other industries, it has made designing malware easier and cheaper. In a recent survey of 200 information technology (IT) executives in charge of security for utilities–commissioned by McAfee and conducted by the Center for Strategic and International Studies–80 percent reported that their organizations had experienced large-scale cybersecurity threats, and 70 percent said they frequently found malware designed to sabotage their systems. The report also discussed the Stuxnet virus as an example of sophisticated malware designed to attack specific critical systems.
In response to these threats, regulations are on the rise. The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) security framework, which defines security standards for electrical systems, expands every year. Dozens of federal and state agencies are involved in regulating cybersecurity and adding new requirements. Developing the plans and infrastructure to adhere to these regulations represents an enormous operational burden. Unfortunately, given the constantly evolving threat landscape, even strict compliance can’t guarantee protection.
Utilities must move beyond a culture of compliance and embrace a culture of security to defend their wireless communications and critical systems. That means more than just assuring that infrastructures can pass an audit. That means employing networks, procedures and wireless end points designed with proactive security end-to-end.
It’s in this area–building and operating a communications infrastructure according to established best practices for network security–that working with proven network operators and cellular vendors can yield the greatest benefit. These companies can offer broad expertise in securing every aspect of the communications infrastructure, from locking down wireless end points to implementing real-time, network-wide monitoring and threat defense.
Securing the Network
Some people still think of cellular networks as being wide open or inherently insecure. In fact, with modern encryption, authentication and virtual private network (VPN) technologies, wireless networks are just as secure as most other mediums. Indeed, today’s public cellular networks transmit highly sensitive traffic–homeland security communications, utility grid communications, financial transactions–every day.
The biggest benefit of working with a major public carrier,
however, is the security expertise they bring from operating a vast communications network and constantly analyzing enormous amounts of Internet protocol (IP) traffic. AT&T alone sees 26.9 petabytes of data cross its network on the average business day, a significant portion of the daily Internet traffic.
By managing networks on this scale, network operators observe malware evolving and have developed the infrastructure necessary to detect it, classify it and predict trends in malicious activity. Global telecommunication carriers staff 24/7 analysis teams to monitor potentially malicious activity across the Internet. As a result, they can identify a broad range of exploits, malware, flooding attacks, protocol anomalies and other threats long before they impact organizational security. In fact, the U.S. turns to these operators to help secure private internal networks and operate security operations centers.
When working with commercial carriers, utilities can rely on a wireless network built with security best practices such as:
- Establishing a secure electronic perimeter and secure interfaces with other networks.
- Formulating secure user access levels and remote management capabilities.
- Employing broad-based intrusion detection mechanisms.
- Appropriately segmenting traffic to isolate mission-critical systems from other systems.
- Employing sound network hardware security measures, including strict access controls governing network elements, workstations and physical equipment; and radio access networks that comply with 3GPP security standards.
- Performing ongoing security status checking and vulnerability testing.
Of course, any chain is only as strong as its weakest link. Just as important as securing the broader network is securing all wireless end points in the grid.
Leading cellular vendors like Sierra Wireless have invested significant resources into developing secure wireless solutions that are more than up to the task of transmitting critical utility, government and financial data. As a result, they can provide wireless technologies that adhere to established industry best practices for wireless security, including:
- Cellular modules that support strong, mature protocols for encryption and secure connectivity;
- Intelligence to detect deliberate jamming attacks and to operate autonomously in the event that connectivity with the network is lost;
- Embedded subscriber identity modules (SIMs) to provide more robust defense against tampering with physical equipment;
- Modules, gateways and routers that can be monitored in real time; and,
- Solutions that can be upgraded over secure channels and via software patches (instead of requiring replacement of the entire firmware package), allowing utilities to update devices as quickly and efficiently as possible.
Working with an established wireless technology vendor also helps utilities remain vigilant against a constantly changing security landscape. Many provide robust development platforms and programmable cellular modules, allowing utilities to continually update their wireless technologies to respond to new threats.
Most important, established cellular technology vendors can offer years of industry expertise building secure wireless solutions for the most demanding environments, including technologies used in critical government applications, ATMs and point-of-sale systems worldwide. Such vendors have also worked extensively with telecom operators to deliver wireless communications solutions that deliver end-to-end security. As global cellular networks evolve to newer 3G and LTE technologies, established cellular vendors can assure the strongest security over these systems.
Utilities today must pursue parallel goals that don’t always seem compatible: Securing critical infrastructure from increasingly sophisticated attacks while pursuing a smart grid model that extends new communication pathways across the grid. Achieving both of these goals requires a new approach to security that goes beyond simply keeping pace with regulatory standards.
Utilities need not build these advanced security capabilities from scratch. By working with established network operators and wireless technology providers, they can take advantage of proven expertise defending against the most dangerous cyberthreats.
Olivier Pauzet is Sierra Wireless’ senior director of marketing and market strategy.
Art Maria has more than 30 years experience in wireless, telecommunications and information technology. He is a Certified Information Systems Security Professional (CISSP) and chief enterprise architect at AT&T, supporting various wireless segments including the utility vertical market.