What the Klingon Empire Can Teach Us About Cyber Security

After talking with customers, it’s become all too clear: the enemy is just outside the gates, threatening to attack and break down the walls.

The firewalls, that is.

Cyber-attacks, malware, Trojans, and other types of digital intrusions are keeping our security staff up at night. High profile attacks involving sensitive information like the breaches within Community Health Systems and retail giant, Target, are putting your customers on edge, too.

I would guess that many of you wish that you could use a cloaking technology similar to what the Klingon Bird of Prey utilized in Star Trek.

After all, you can’t hack what you can’t see.

What holds true for the crew of the USS Star Ship Enterprise also translates to cyber security.

And while we haven’t captured all the secrets of the Klingons, we can certainly help safeguard your critical infrastructure- whether it’s within miles of pipelines, pumps within a critical water facility, or even a hospital.

In most critical infrastructure environments like water, oil and gas, and manufacturing, you are dealing with remote, unmanned assets that are vulnerable, out in the open, and ready to be hacked and comprised.

Our Klingon Bird of Prey solution helps customers cloak their infrastructure, segment their network, preserve legacy investments, easily add or revoke contractor/employee access, and troubleshoot and optimize their network.

This isn’t science fiction – it’s happening right now.

A recent 2014-2015 Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) Monitor Report for the U.S. showed that the energy sector led all others again in 2014 with the largest amount of incidents, followed by critical manufacturing, and water/wastewater sectors.

Incidents included SQL injection, spear phishing, abuse of access authority, networking scanning or probing and the startling majority was described as having an “unknown” access vector.

This report is useful for detailing the incidents occurring in the United States, but if you think the U.S. is alone in an increase of cyber-attacks, think again.

A 2014 study showed that cyber-attacks have hit 36% of Canadian businesses, and over one-third of Canada’s IT professionals know for sure that they have had a significant data breach over the past year. While 56% of respondents said that they believed that threats do fall through cracks, unnoticed at times.

[ut_parallax_quote] This isn’t science fiction- it’s happening right now. [/ut_parallax_quote]

IT World Canada even reports that Ottawa plans to spend as much as $100 million to protect its computer systems against cyber-attacks. A contingency plan that more organizations are beginning to adopt.

The list of statistics and studies go on, but the point is, your city or organization is more vulnerable to cyber threats than you might think.

So, how can organizations do more to prepare long-term for possible cyber threats?

Cloak Your Critical Infrastructure so Devices Can Only Be Seen by Trusted Peers

Modern cyber-security solutions let you ‘cloak’ your devices and critical infrastructure.

Rather than placing trust in spoofable IP and MAC addresses, today’s security appliances base trust management on baked-in, hardened cryptographic identities.

Communications between protected devices are only acknowledged if they come from devices with explicitly trusted cryptographic identities. For example, if an attacker were to gain access to your shared network and attempt to ping a device behind a tough security device, like those offered by Gray Matter Systems, that ping would not be acknowledged.

Segment Networks into Smaller, More Manageable Networks (That are More Robust and Secure)

Unlike traditional firewalls and VLANs, today’s cyber security solutions go above and beyond segregating and inspecting communications and adds availability, integrity, and confidentiality (encryption) protection as critical data and information traverse the control systems network.

Gray Matter’s approach on this lets organizations create secure, encrypted channels to isolate connectivity to and between production facilities and critical infrastructure, aligning with the ISA99/IEC62443 zones and conduits model.

Strengthening security by segmenting your flat network into smaller private networks is facilitated in a single-pane-of-glass management console.

Securely Extend Your Network to Any Remote Location

Connectivity at remote locations is often in the form of an untrusted network (customer, third party, the internet) or perhaps connectivity does not exist at all.

Gray Matter Systems can help you efficiently and securely extend your existing network to new and remote locations. Using the modern security appliances, you can securely leverage 3rd party and untrusted networks to connect your devices to your users and enterprise systems.

Pick a Solution that Integrates with Your Existing Devices and Infrastructure for Defense-in-Depth Security

Today’s cyber security landscape requires a solution that can be easily integrated with your existing IT security and network infrastructure, as well as partner networks, including any mix of wired Ethernet, WiFi, cellular or SatCom networks.

It’s vital to have a solution that allows you to continue to leverage your existing IT infrastructure and security solutions (including VLANs, VPNs and FWs) that connect legacy devices, users, and enterprise systems – without exposing device communications or being dependent upon complex IT configurations.

No network configuration changes are required to add a layer of hardened, resilient security to existing and new operations environments. Once Gray Matter’s solutions are deployed, there is no visibility of legacy devices (i.e. no configuration footprint) from outside the private network.

Implement Highly Constrained Remote Access That is Simple to Grant and Revoke

Network access is required for maintaining devices and a resilient network. This means you need to grant remote access to employees, contractors and vendors, which creates another security vulnerability.

Networks are often designed and implemented as flat, trusted networks with external access mediated through a Demilitarized Zone (DMZ). Remote access all too often grants access to all devices on the network and is often left granted for extended periods of time.

Our solution facilitates highly constrained remote access for your staff, contractors and vendors that can be granted and revoked in just minutes–without the risk of breaking the underlying network.

Increase Visibility into Network Traffic to Enable Diagnostics, Debugging and Performance Optimization

 Troubleshooting problems on ICS networks can be a challenge, especially as the scale and complexity of the network increases. Furthermore, there is often a lack of complete documentation for existing configurations, which can be problematic when changes need to be made or problems arise. In modern networks, a powerful tool available to network operators is the Switched Port Analyzer (SPAN) port, which is used to passively capture traffic flowing through a specific location within the network infrastructure.

If you want to gain deeper insight into what cyber security solutions are available to you, check out this Industrial Cyber Security Webinar available to watch on-demand.