Cybersecurity in critical infrastructure – a matter of national interest and business value

With more frequent and increasingly viscious cyberattacks, vulnerabilities in IT architecture pose a severe threat. Particularly the energy sector is targeted, making upgraded cybersecurity a matter not only of securing production and business value but also of national interest to keep society up and running – and people safe.

Segmentation and data logging – fundamental security measures

To safeguard ICS (Industrial and Control Systems) and SCADA (Supervisory and Control Data Acquisition) systems, segmentation must be applied with high assurance solutions to guard the physical isolation yet enable completely secure communication. With this in place, logging security data is the next priority. By monitoring logins, failed login attempts, transactions, USB usage etc, effective preventive measures can be mapped out and damage control can be taken without delay. However, the character of the data also makes log servers hackers’ favoured target. Data logging systems thus turns into a vulnerability when insufficiently protected. To ensure integrity and security, military-graded solutions are required.

New strict legislation requires upgrade of security

In recent years, the energy sector has been scrutinised by supervising authorities regarding information security in preparation for instance the NIS Directive and stricter national security legislation. To significantly upgrade general security and to be able to present approved high-end solutions in future audits, one of the largest energy companies approached Advenica.

Rapid analysis and recommendation

After analysing audit reports and penetration tests, Advenica identified and prioritised several important measures with legislative compliance in mind. Working fast, a recommendation was presented 48 hours from receiving the reports.

Creating cybersecurity insight

With the energy company’s business priorities weighed in, it was decided that security log data management and monitoring was fundamental to insight and further security efforts. A new log environment for security log data was consequently built, based on strict segmentation and with approved products to protect the various systems.

Eliminating risk of data leakage and manipulation

With national approval from armed forces, SecuriCDS Data Diodes deliver security to the highest level. They are the most effective option for classified systems. Containing an optical fibre with a transmitter on one side and a receiver on the other, only unidirectional information exchange according to information policy is allowed. Two-way transfer between the networks is impossible, and the risk of leakage and manipulation of log data is eliminated. The SecuriCDS Data Diodes deployed at the energy company have integrated proxy servers. These have been designed, developed and tested to meet the requirements for interacting with sensitive information in common communication formats such as data, files or network time transfers.

Mitigating threats of remote access

ZoneGuard was implemented to further reduce potential attacks vectors while providing secure and selective access to the systems from remote networks. The technology allows secure information exchange between separate systems, with access based on the energy company’s defined policies and tuned for their specific systems. By using ZoneGuard with remote desktop capability, access is controlled and threats towards a remote desktop solution are effectively mitigated in the cross domain point. All information is validated and transformed, which means that sensitive information stays within the protected network and malicious code cannot spread.

World-class cyber preparedness without compromising local operations

With Advenica the energy company in question quickly achieved increased security insight. It boosted its preparedness for threats such as Industroyer, which could come at great cost not only to business, but to customers. The energy company can also report pre-approved cybersecurity solutions to supervising authorities. In addition, both technology and services enable cost-effective administration without compromising current or future reliability and integrity.

cybersecurity critical infrastructure