Live Threat Map
By: Rajiv Pimplaskar
Several critical infrastructure sectors utilize industrial control system (ICS) and supervisory control and data acquisition (SCADA) systems and IoT devices, which can often present appealing soft
targets for threat actors. There is a significant percentage of such devices that can have inherent vulnerabilities and, unfortunately, many of these systems are operated outside the purview of the
security teams that manage the Common Vulnerabilities and Exposures (CVEs) and the Cybersecurity and Infrastructure Security Agency (CISA) advisories.
The complexities of adhering to the National Institute of Standards and Technology (NIST) standards and the Purdue model has become even more challenging with the advent of 5G. While 5G
does have built-in security—as specified by the 3rd Generation Partnership Project (3GPP)—it poses a new danger of expanding the attack surface with smaller cell sizes, shift to Open
Radio Access Network (O-RAN) and more business-centric use cases. A key strategy to safeguard 5G critical infrastructure is to augment its security framework with “stealth networking.” This
approach was first developed by special forces and the intelligence community and is now also popular within law enforcement and the digital forensics world. Source and destination relationships
as well as sensitive data flows across the public cloud and the Internet are obfuscated with a next-gen virtual private network (VPN). Stealth networking adds “defense in depth,” making it
virtually impossible for a bad actor to detect—let alone target—the operational technology (OT) estate in the first place. Stealth networking is also capable of complementing conventional cyber
safeguards and control assertions as specified by NIST, the Purdue Model and IEC 62443 standards, which can typically kick in later along the kill chain.
As critical infrastructures have come under persistent and nation-state motivated attacks around the world, cybersecurity for ICS SCADA systems is undeniably paramount. NIST guidelines, the
Purdue Model and IEC 62443 standards establish best practices for IT and OT networks as well as addressing use cases where the boundary needs to be crossed. These models delineate the need for
network segmentation and communication control as well as the use of perimeter firewalls.
5G has security built into the standards itself and could represent a new era of transformation for critical infrastructures, offering significant improvements over previous generations like 3G,
4G or LTE. The industry body that sets standards for mobile communications, 3GPP, has added new capabilities for 5G via the Service and System Aspects working groups that include enhanced
subscriber privacy and authentication, greater interface protection, and enhanced integrity protection of user traffic. While they are more secure, 5G rollouts are characterized by small cell
deployments due to outdated regulations, excessive fees, prolonged processes to obtain permits, and lengthy procurement cycles. Private 5G adoption is accelerating within the U.S. in part due to
the availability of Citizens Broadband Radio Service (CBRS) frequency band which enables organizations to use the 3.5 GHz to 3.7 GHz radio spectrum to build wireless networks based on 4G LTE and
5G cellular technologies. However, this unrestricted capability does not exist worldwide, and several sovereign countries consider radio spectrum as a national asset necessitating bureaucratic
carrier negotiations and fees.
These issues, coupled with a massive increase in numbers of IoT devices, vulnerabilities within the public fiber infrastructure, and higher use of virtualization and cloud services, have
dramatically expanded the attack surface and intensified the need for advanced security.
5G use cases within critical infrastructures span multiple sectors including manufacturing, retail, healthcare, utilities, agriculture, mining, and oil and gas. 5G capabilities can revolutionize
warehousing, distribution, supply chain, asset management, and transport as well as smart city planning. These varied use cases range from real-time data collection to digital twin, AR-guided
work instructions, predictive maintenance, connected and automated guided vehicles, connected workers, and worker safety.
3GPP’s open interoperability also facilitates the rise of O-RAN, where multiple vendors come together at the edges of the network in a virtualized and disaggregated manner. This disaggregation
facilitates time to market for 5G buildouts worldwide. However, security remains a key concern due to the inherent expansion of the threat surface, as
Read the full article here