Take Steps to Stop Cybercriminals

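Cyber security expert Eric Byres pulls no punches when he talks about information technology (IT) security. Hacker attacks on control systems are serious, and “the problem has cost companies millions of dollars,” says the chief technology officer of Byres Security Inc. (www.byressecurity.com), located in Lantzville, on Vancouver Island, British Columbia, Canada. “It’s usually kept quiet. So nobody thinks it will happen until it happens.”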


Byres’ experience reveals the problem is not one of “terrorists and kiddy hackers. This is a problem about organized crime and the safety of your systems,” he declares.

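To combat these cybercriminals, Byres proposes a multi-step process that begins with recognizing the problem. “Too many senior managers don’t see this as a real problem,” he asserts. “The crown jewels of any company are its manufacturing assets. But people won’t resource the most important thing in the company.”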

Know the system
That failure derives from management’s lack of knowledge, he says, especially not understanding resources such as programmable logic controllers (PLCs) or, generally, controls systems. For instance, go into a company’s offices and check the receptionist’s desktop personal computer (PC), Byres suggests. “You will find it has anti-virus software, patch management, an encryption system and a firewall. The IT department will have that thing nailed to the floor.”

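But walk out of the lobby and into the manufacturing space, Byres predicts, and you will find something completely different. “There is a PLC running a major piece of equipment, and I guarantee you will find very little security protection,” he says. Some of the better plants, Byres allows, such as those run by the major oil companies, will give plant-floor PCs the same level of protection as the receptionist’s PC. But what he sees in many plants is PCs with no security, let alone PLCs, which are completely unprotected.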

So how does the control system get exposed to attackers? One example he gives is having the control network connected to the business network, which then is exposed to the Internet. “Or someone working at home, doing [remote] maintenance via their home computer, like a VPN (virtual private network), and their machine is exposed to the network.”

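What drives better security, he believes, is manufacturing taking responsibility for itself. But “without senior management support, you’re sunk.” With that support, though, what comes next? “Form a team.” And after that? “Know what equipment you have, and its vulnerabilities and risks,” Byres advises. He defines a vulnerability as a weakness or flaw in a system that creates risk, which he in turn defines as the probability of some event with a certain consequence.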

Then lay out security goals. “What do you want to achieve?” Although Byres believes 100 percent security is unachievable, he urges establishing an acceptable level of security. Calling this network-security process “exactly the same as safety management,” he observes that, “if you can’t tell me what’s running on your control network, then there’s no way you can assure me you’ve got a safe, reliable plant.”

After setting targets, establish policies and technologies. “You have to change people’s behavior,” Byres remarks. Then comes implementation. And that demands that companies have to change security to make it work for people, not the other way around. “We have to change technology to make it understandable and accessible to the control engineers and technicians,” Byres says.

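The final action is to close the control loop and monitor what has been built, then feed that back into a continuous improvement cycle. Why? “The hackers and virus writers are certainly improving their products constantly,” Byres observes. So manufacturers had better do the same.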

C. Kenna Amos, ckamosjr@earthlink.net, is an Automation World Contributing Editor.
