If you haven't heard about what has happened to one of the largest pipelines in America, here is the lowdown.
'The wider American public was afforded an unwanted glimpse into the Wild West world of ransomware this week, after a cyberattack crippled Colonial Pipeline, causing fuel shortages across the eastern seaboard and states of emergency to be declared in four states.
But experts warn that ransomware attacks – which are part-ransom, part-blackmail, part-invocation of squatters' rights – are becoming more frequent, while the primarily Russia-based hackers are growing more sophisticated with their methods.
They have hit solar power firms, federal and local government agencies, water treatment plants and even police departments across the US. As the nation's eyes were focused on the pipeline attack this week, another hacker group was busy targeting Washington DC police – striking at law enforcement in the American capital.'
https://www.theguardian.com/technology/2021/may/13/colonial-pipeline-ransomware-attack-cyber-crime
Defense in Depth
No system is perfectly secure, but all cybersecurity risks can be mitigated if proper controls are implemented. At Swinton Technology, our CompTIA Security+ certified engineers understand the importance of Defense in Depth. This implements multiple layers of protection to make the systems more secure. Antivirus systems and firewalls are essential building blocks of Defense in Depth.
Firewalls
Long gone are the days when metering systems were isolated from the corporate networks. Most modern metering systems include at least one link to the wider company network, used primarily for data hand-off or remote access. If not properly controlled, such links can potentially allow hackers or malware into your metering system.
In a modern control system, all networked devices should be protected with a firewall. So we ensure that all our computers and servers are supplied with host-based firewalls configured to block traffic from untrusted sources. This ensures that only authorised applications are allowed to establish connections.
We have extensive experience supplying network layer firewalls, which are typically installed between the metering assets and the external network. Such an arrangement prevents any unauthorised hosts from accessing the metering system on a network level. Our engineers can either supply and configure such firewalls in compliance with the customer’s policies or assist in integrating our systems into the existing customer-managed infrastructure.
Antivirus
In the simplest terms, antivirus software protects a system from different kinds of malware, including viruses, trojans or ransomware, which seems to be the fastest-growing threat in recent years. A correctly configured antivirus should prevent infections from known malware (using signature-based detection that needs to be kept up to date) and new threats as well, using either reputation-based detection or artificial intelligence mechanisms.
In a metering system, it is vital to ensure that the antivirus does not interfere with the system functionality. Our engineers ensure that the antivirus software is installed and correctly configured prior to internal and factory acceptance testing, guaranteeing long-term system stability and security. By default, Swinton Technology will provide our standard, approved antivirus package. Over the past 20 years, we have installed and validated several customer-supplied antiviruses and have extensive experience in configuring and supporting them.
We work closely with our customers and get to grips with their systems in extensive detail to provide solutions that are fully compliant with their cybersecurity policies and standards. Contact us here for more information about our support services.