A recent PBS News program “White House Chronicle” featured cyber security experts focused on increasing security threats to the power grid. Scott Aronson is the EEIs lead expert on cybersecurity and physical security and Paul Feldman is a board member at the Midwest ISO and also an advisor to Waterfall Security Solutions.
Aronson talked about the increasing need to focus on both cybersecurity and physical since they are now typically have implications on each other. He also emphasized the importance of thinking about cyber security in terms of who the adversary is and the different motivations for groups ranging from terrorist organizations to criminal syndicates to “hacktivists.”
Feldman described how software-based firewalls, typically used to protect critical infrastructure supporting the electric industry, look at the messages and decide if they are safe to transmit. But he also accurately noted that because “zero day” attacks are so new that the firewall does not get alerted in time to look for them rendering them less effective.
Instead, he recommended the use of unidirectional gateways – one way messaging systems that only transmit data out of a system so that no information can ever get into the system from the outside. The idea is that with a gateway it is impossible to perform a “remote control” two-way attack.
Waverley Labs advocates a similar but more effective and scalable connection-based software defined perimeter (SDP) architecture proven to be 100% impenetrable. The SDP goes one step further leveraging single packet authentication (SPA) mechanisms to ensure that the messages are legitimate.
Watch this blog for more info and check out this white paper on Software Defined Perimeters.
The industry’s first open source SDP reference architecture and repository are now available and can be accessed and downloaded here.