What makes an OT network perfectly air gapped?
For the last few days, I have seen so many debates over networks not being air gapped even where they are assumed to be fully air gapped. It got me thinking: what should an ideal air gapped OT network look like?
I did some research and came up with the points below:
1. No device in the network has ever accessed the internet, not even for software updates
Many times during an assessment we realize that there was internet exposure for a short period while updating antivirus signatures or applying Windows updates.
2. There are no smart/wireless devices in the network
With the world moving towards Industry 4.0 and IIoT, we see wireless or smart devices in the network that may open up new attack surfaces while we are under the impression of having a fully air gapped network.
3. No USB or CD drive is allowed to be connected to the network, not even to a printer
This has to be the most common of all the points. We have seen many organisations using USB or CD drives to transfer reporting data or to serve other business purposes. This has been the primary source of malware in assumed air gapped networks. The best example of this is how Stuxnet created havoc!
4. Remote access is strictly disabled, even for emergency purposes
It was also found that in many instances the vendor or the engineers were given remote access to the HMI or engineering workstations for some 'quick help with logic'.
5. Plant production reports are prepared either on paper notes or on an isolated computer
Sometimes we have observed machines randomly connected to OT switches that are used to create reports from production data while also communicating with the corporate network, which simply connects your OT network to level 4/5.
6. The historian is not connected to enterprise machines, not even via a firewall
When we take historian data out even via a firewall, the network no longer qualifies as air gapped, because we have established a connection to the OT network from outside (this may be a debatable topic among experts).
So, those were the points I felt should be considered in a perfectly air gapped OT network. I must have missed many things; what additional points do we need to take care of?
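As an added illustration (not part of the original article), the script below turns points 1, 4, 5 and 6 into a check that can be run over exported flow records from the OT switches: any flow between an OT address and a non-OT address is evidence that the gap is not real. The zone ranges, the remote-access port list and the flow lines are constructed assumptions for the example, not values from the article.

```python
import ipaddress

# Zone definitions are assumptions for this example, not from the article.
OT_SUBNETS = [ipaddress.ip_network("10.10.0.0/16")]      # assumed levels 0-3
CORP_SUBNETS = [ipaddress.ip_network("172.16.0.0/12")]   # assumed levels 4/5
REMOTE_ACCESS_PORTS = {22, 3389, 5900}                   # SSH, RDP, VNC

# Constructed flow records: "timestamp src dst dst_port", one per line.
SAMPLE_FLOWS = """\
2024-01-01T08:00:01 10.10.1.20 10.10.1.5 502
2024-01-01T08:00:05 10.10.1.30 172.16.4.10 445
2024-01-01T08:01:10 10.10.1.40 198.51.100.25 443
2024-01-01T08:02:00 172.16.9.7 10.10.1.20 3389
2024-01-01T08:02:30 10.10.1.50 10.10.2.2 20000
"""


def zone(ip: str) -> str:
    """Map an address to the zone it belongs to: ot, corp or external."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in OT_SUBNETS):
        return "ot"
    if any(addr in net for net in CORP_SUBNETS):
        return "corp"
    return "external"  # not in any known zone: internet or unknown network


def audit_flows(text: str) -> list:
    """Return (src, dst, port, finding) for every flow that crosses the gap."""
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        _ts, src, dst, port = line.split()
        port = int(port)
        s, d = zone(src), zone(dst)
        if s == "ot" and d == "ot":
            continue  # traffic that stays inside the OT zone is expected
        if s == "ot" and d == "external":
            kind = "ot-host-reached-external"   # point 1: internet/update egress
        elif s == "ot":
            kind = "ot-egress-to-" + d          # points 5/6: reporting, historian
        elif d == "ot":
            # point 4: anything inbound breaks the gap; note known remote-access ports
            kind = "remote-access-into-ot" if port in REMOTE_ACCESS_PORTS else "inbound-to-ot"
        else:
            continue  # flows that never touch OT are out of scope for this check
        findings.append((src, dst, port, kind))
    return findings


if __name__ == "__main__":
    for src, dst, port, kind in audit_flows(SAMPLE_FLOWS):
        print(f"{kind:26} {src} -> {dst}:{port}")
```

On the constructed sample this reports three gap violations: an OT host talking to the enterprise zone, an OT host reaching an external address, and an RDP session coming into the OT zone from corporate.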
1 year ago: If I need to update controller firmware, what will be the best way to update it?
Interesting article that clearly points out the need for secure operational environments. I would argue the practicality of "All the devices in the network have never accessed internet, even for software update". IT business systems include your production planning and materials systems and are key drivers of the OT physical systems, which makes air gaps between IT and OT challenging. Moreover, systems rely on the internet for managing customer demand and logistics systems. We have to deal with the reality of connectivity between IT and OT systems, and need to look at solutions that provide protection in this environment. This will demand:
- Micro-segmentation of the IT business systems to ensure that there are highly controlled interface points between the IT and OT environments
- Controlled access by authorized users to IT/OT interface resources
- Micro-segmentation of OT systems to ensure that connectivity from IT and OT is constrained to the essential interface points and the OT environment is protected from cross contamination in the event of an intrusion
- Two-way authentication/encryption between source and destination resources to protect against MITM and replay attacks