Business & Technology

Fortinet Security Fabric: Protecting the Unique Environment of Industrial Control Systems

By Nirav Shah | April 03, 2017

src: /content/dam/fortinet-blog/new-images/uploads/fortinet-security-fabric-protecting-the-unique-environment-of-industrial-control-systems-2557.00_jpg_srzIndustrial Control System (ICS) is a general term for command and control systems designed to support industrial processes. We find ICS environments in all industries: manufacturing, automotive, medical systems, refineries, power, water, and more. With the rise of Industrial IoT (I-IoT), connected devices such as electric meters, water flow gauges, pipeline monitors, manufacturing robots, and other types of connected industrial controls critical to industry and infrastructure are increasingly the targets of attack.

Results of attacks on ICS systems can range from disruption of a manufacturing floor to actually endangering the health and lives of citizens. Recent examples of this include an attack that gave a group of Iranian hacktivists access to the control system for a dam in the suburbs of New York, hackers infiltrating a water utility’s control system and changing the levels of chemicals being used to treat tap water, and a group of hackers taking over computers at an electricity control center for a second time, plunging parts of the city of Kiev into darkness.

The Impact of a Breach on Industrial Control Systems

Cyberattacks on ICS differ in impact based on a number of factors, including the hacker’s intent, sophistication, and familiarity with ICS. By impacting the industrial production process, hackers can affect the quality of the end product, delay the production or delivery of essential goods, or raise operational and maintenance costs. Other risks include the theft of sensitive commercial information, including intellectual property, and costly downtime of production systems. Tampering with industrial machinery can also have catastrophic consequences, resulting in financial and physical damage and even endangering the lives of production personnel. Finally, attacks on public utilities, critical infrastructures, and the interconnected services of smart cities can pose a wide range of risks to public safety.

Fortinet Security Fabric for IT and OT Convergence

By taking a systemic and pragmatic approach to securing the ICS environment, industries and organizations can improve their ICS security posture by converging information and operational technology.

The first line of defense in protecting industrial control systems is to secure the IT side, as this is the most likely first point of attack. Access to OT networks, including traffic passing between IT and OT ecosystems, and segmented parts of OT also need to be hardened.

This can be accomplished through the FortiGate Enterprise Firewall or FortiGate Rugged product line, which offers industrially hardened all-in-one security appliances designed to deliver specialized threat protection to secure critical industrial and control networks against malicious attacks. Designed for confined spaces and harsh conditions, these solutions provide high performance combined with ICS focused signatures and protocols to protect sensitive ICS/SCADA devices and networks. Here is the sample list of Industry’s broadest ICS/SCADA protocols with the granularity for over 400 different commands supported.

Secure Access to OT networks is important and can be provided by Fortinet’s hardened access points and switches. With Fortinet Security Fabric, customers can see all these devices in a real-time dynamic topology to better understand the overall security posture of the organization.

Advanced Threat Protection for ICS Environment

Traditionally, the detection and blocking of attacks happens through the use of threat signatures, yet this approach relies on having encountered some close variant of the threat before. With the extensive threat response resources of FortiGuard Labs continually monitoring thousands of live customer networks around the world, this is certainly likely, but with the stakes for ICS intrusion so high, it is essential to also prepare for attacks which have yet to be encountered. In such a scenario, it becomes crucial that an intrusion is detected rapidly, its propagation limited, and its impact minimized. Here, a critical component of Fortinet’s Advanced Threat Protection Framework is FortiSandbox, which is designed to detect and analyze advanced attacks that might bypass more traditional signature-based defenses.

Comprehensive Layered Security across the Entire ICS Network

When it comes to securing the unique environment of Industrial Control Systems, so much is at stake. Which is why it is critical for ICS to be able to implement comprehensive layered security that is tied to the entire network security framework, while incorporating the specific protocols and requirements of ICS into our solutions. Fortinet solutions have been designed to support ICS protocols and manufacturers, allowing them to provide the same level of actionable security in an industrial network as it does in an enterprise network while adapting to the unique ICS environment. See how Fortinet can help you secure your critical infrastructure.