Digital technologies are providing utilities with a wide range of operational and optimization opportunities. In particular, adding intelligent sensors and processing platforms enables smart metering which allows utilities to monitor their systems in real-time. Consequently, the water or electricity company can get instant meter readings remotely. Other than consumption, the technologies allow operators to monitor the lines for quality issues, outages, and other metrics. In case of a failure, they are also able to automatically detect failures and take the necessary action. For example, if there is a fault on a certain section of the network, the digital technologies can disconnect the affected area and isolate it from the healthy part, hence minimizing the number of customers that experience disruption.
Despite the said benefits, digital solutions have various drawbacks such as being prone to cyberattacks. The fact that the sensors, smart meters, and other assets are exposed physically and digitally makes it easy for criminals to access and compromise them.
The increased surface attack is attractive to the cyber attackers and especially when there are communication devices such as routers with weak security and authentication.
While connectivity offers a wide range of operations and cost-cutting opportunities, it exposes the various physical and digital assets to cyber security threats and attacks
Usually, the router is one of the weak points and this makes it an attractive target for hackers since once they log into the device, they can see all the other components, monitor traffic, set up their network, among many other malpractices.
Once the criminals attack a system, they can compromise the company and consumer data, cause disruptions and outages that would result in economic losses as well as increased safety and security risks.
Routers are critical components of the critical infrastructure that power the internet, smart metering, and remote control communications. During operation, the router, which is a dedicated communication computer, is responsible for making the required connections between the client device and the receiving equipment such as a server and vice versa. They act as the gateways to the network, hence has the responsibility to receive and forward network traffic while still responding to the client devices.
Upon receiving a request, the router routes the signal or forwards the packets to the destination address. Unfortunately, most routers such as some models for home wireless networks have several security vulnerabilities that expose the connected devices to security attacks.
The insecure routers are a risk to the critical grid infrastructure. Once the hackers access the smart metering network, they can do a lot of harm including but not limited to;
An attack on a router is when bad actors exploit the vulnerabilities in the protocols, weak authentication, use of default passwords, out-of-date router software, etc. Attackers may use brute force methods to crack the passwords and these may lead to denial of service and other actions that interrupt normal operations, data theft, etc.
Other reasons why routers are vulnerable include poor encryption and security of the routing table, hence allowing the attackers to compromise or modify the information and direct traffic to a server they control.
Usually, the criminals will exploit routers by taking advantage of already existing vulnerabilities or oversights. In particular, routers with the following are issues that are very easy to attack
In addition to a strong team to deploy and maintain a strong cyber security posture, using routers with high-security features is critical in protecting the infrastructure. The teams should continuously monitor and check the systems, identify and fix vulnerabilities. Usually, protecting the infrastructure against attacks is a complex process that requires an integrated approach that combines the use of secure practices, hardware, and software solutions.
Ideally, the security and especially of the routers should be at all levels. Ideally, a router that provides all-around protection ensures maximum data security for the infrastructure.
Although the router technology may differ across different vendors and models, the following are some basic features to look for when planning your network.
Addressing the security risks and threats requires deploying reliable solutions and following proven policies and processes. Additionally, teams must verify the integrity and authenticity of each device on the infrastructure, including their hardware and software.
Utilities and technology providers must ensure tight security for the systems, and make them hard to penetrate. In particular, using highly secure routers such as the ENCS approved devices and practices provides ideal protection, hence making the networks difficult to penetrate,
The European Network for Cyber Security (ENCS) is an organization that provides guidelines on how to protect critical infrastructure. It covers a wide range of issues including but not limited to defining the security requirements of the infrastructure.
The collaboration focuses on evaluating the network protocols and assisting organizations on how to respond to security vulnerabilities. It helps organizations procure and implement secure infrastructure and respond to identified threats and vulnerabilities.
ENCS certification is only available to secure devices that meet various requirements. Further, the organization has developed several security documents that grid operators, stakeholders, and technology providers need, to secure their infrastructure and operations.
In particular, the documents, which are usually aligned with the ISO/IEC 27000 standards, focus on
Ideally, the grid operators should comply with the specified security requirements when building a new or updating a digital-based system. Generally, there are five types of ENCS recommendations, each focusing on certain areas as below
Only devices that pass the exhaustive security testing are certified. Luckily, WM System is one of the few manufacturers with high-quality, secure, and ENCS certified routers. Some of our highly secure routers for critical infrastructure include;
Enhancing the security in the industrial network should be a priority for both the utility and security teams. Other than routing traffic, the router should ideally work as the first line of defense for critical infrastructures such as computer and industrial networks.
Besides the use of secure hardware devices, the network design should follow best security practices. For example, segmenting the network depending on applications, devices, and desired access levels will reduce the attack surface and impact.
On one hand, the processing platform should be on its secure network and only accessible by specific users, such as admins. The area that consumers need to access should also be limited on what users can do.
Although they are vulnerable, the routers can provide a reliable first line of defense for the networks and critical infrastructure.
To prevent unauthorized access and protect the infrastructure, network components, and grid assets, it is essential to harden the main components such as routers and switches. Typical practices include enabling the firewalls, and other security features such as the Intrusion prevention systems (IPS), using strong passwords, enabling anti-spoofing filters, securing the protocols and keys, etc.
Routers with strong security features help to protect the consumers, utility systems, and data. Typical devices use secure boot, as well as strong cryptographic technologies.
Ideally, the network routers should be included in the overall security plan. Some of the considerations include configurations, admin access, privilege levels, passwords, authentication, and authorization. The network administrator and relevant IT teams also need to ensure physical security and how to respond to incidences and logging violations.
A secure boot eliminates a wide range of exploits. In particular, it hardens the router against attacks. It also prevents the modification of critical firmware features. Generally, the secure boot feature ensures that the router will only boot from authorized and unmodified software. The hardware-based secure boot feature is harder to penetrate or crack even with physical access.
Usually, the boot process relies on an unbroken chain of trust. A typical boot process follows the following steps
In practice, secure routers employ hardware-based crypto processes to prevent attackers from compromising the secret key, including in environments where the criminals have physical access to the router. However, to fulfill this role, the router should have enhanced security capabilities.
Attackers know the importance of encryption, but as usual, they are usually ahead or looking for ways to beat the systems. That said some products employ multiple security layers that make it hard for hackers to break into a system.
Out of date firmware is one of the major flaws that results in exposing the device to various exploits. A good router should have a means to securely update its firmware to fix the security vulnerabilities and bugs hence protect it against existing and emerging threats.
Generally, there is no anti-virus for a router, the best security is to protect the device through the use of secure hardware and software components.
In most routers, the default pre-installed firmware is usually insecure. The firmware, usually based on the open-source operating system, is also problematic at times. The flaws in features such as the WPS or the Wi-Fi-protected setup, which is usually enabled by default, allows the new users to protect their network. However, it has various security flaws that remote attackers can exploit and access the network with little effort. Luckily, locking the firmware makes it difficult for attackers to access and modify the configuration.
Generally, authenticating the routing protocols with a password and then adding encryption helps to improve security. However, since the credentials are sent through the network as clear text, attackers ban intercept and steal the credentials. As such, adding encryption adds an extra security layer that makes it more difficult for hackers to read the password.
The routing protocols are essential in exchanging information between network devices. An anti-spoofing filter is useful in preventing the forged packets from external users and making them look like they are coming or originating from the internal network.
When attackers send spoofed packets that look like they are coming from internal trusted systems, they can bypass or manipulate the established security controls. For example, if an attacker inserts false routing information, the router may relay the network traffic to a different destination that the cybercriminals control. Alternatively, the attacker may bypass the intrusion detection systems or firewall and gain access to restricted areas.
The antispoofing filters protect the router and the networks behind it. Once implemented, the filters will stop attackers from spoofing the connections to the router. Additionally, the filters will block a wide range of attacks targeting other assets other than the router.
A firewall usually monitors the incoming and outgoing traffic while allowing specific types and blocking others. The firewall is a major feature that you should consider when looking for a secure router for critical infrastructure. A good security practice is to always ensure that the firewall is enabled at all times and configured appropriately to only allow safe traffic and block what appears suspicious or does not meet the set threshold.
If possible use a tamper-proof mechanical housing with the ability to alert relevant people when compromised. Further, the use of secure hardware chips to store critical security information such as credentials, cryptographic keys, and the router’s certificates and more will enhance security. The chip should ideally provide secure, tamper-proof storage for the router configuration data and other important information.
To achieve this, the router must support mutual authentication and authorization between devices on the network. Other features include enforcing strong usernames and passwords as well as certificate-based security.
The router needs to support scalable and flexible encryption keys management. As such, it should have a secure way to generate exchange, store and revoke the keys.
To protect the system and prevent attackers from accessing other networks, it is critical to segment the networks. That is operational technology (OT) and Informational Technology (IT) should run on different networks so that if an attacker manages to penetrate one, it is impossible to access the other segment, hence a smaller impact.
Better still, building a zero trust segmentation enhances the security much further
Secure routers can help to build segmented networks separated by a strong security boundary. For example, segmenting the OT and IT networks provides the security teams with more control and ability to manage the network traffic better, including deploying filters to only allow the industrial protocols that the application requires.
Ideally, a good router should support network segmentation of the devices, applications, and users within the NAN and WAN environments. Also, the routers in the field should have the ability to filter the traffic and differentiate between users and devices. All critical assets should be deployed behind reliable and high-security firewalls.
While there are so many products in the market, it is important to use reliable, secure, and trusted routers. In particular, look for a certified product such as the M2M industrial routers from WM Systems. These are proven and reliable products designed for critical infrastructure such as smart metering networks. The products are ENCS certified, hence thoroughly tested and confirmed to comply with the stringent security standards that the body specifies. The routers meet the standard security standards and regulations that govern secure grid digitization.
Cyber security risks increase as the need for operational data grows as well as sophisticated threat actors and attack techniques. As more meters connect to the network, the attack surface increases significantly.
Although there is a need to deploy highly secure routers for the infrastructure, it is important to use devices that combine advanced security and enhanced performance capabilities. Other than the inbuilt features, there are some practices that IT teams should use to enhance security. Some of these include;
Connected technologies are enabling companies and service providers to automate and improve operations and services, hence reduce costs and travel, while improving quality control and maintenance.
However, over the recent past, critical infrastructure has been one of the major targets of cyber-attacks. And this is a big risk since if criminals manage to access the systems; they can perform dangerous operations like shutting down critical infrastructure such as the electric grid. Besides data theft and outages such action will cause, the criminals can also issue commands that will damage major infrastructure components. For these reasons, the security of all the major components of critical infrastructure systems should be a high priority.
Routers enable communication between various devices over a network and are usually the weak link. As such, to secure the networks, it is essential to use reliable, scalable, and highly secure routers. These should ideally protect the infrastructure and networks against unauthorized access while enabling communication between genuine computers.
Despite being vulnerable and prone to exploits, some secure and reliable routers can also work as a robust first line of defense for critical networks. In particular, WM system M2M routers, which are ENCS approved, have inbuilt security features, that, when configured well, provides the highest security to the industrial and other critical networks.
We are thrilled to announce that Ali Mouslmani has joined WM Systems as our new partner in the United Arab […]
Introduction In the rapidly evolving world of industrial automation and IoT, the demand for compact, versatile, and efficient communication solutions […]
Introduction The fourth industrial revolution, or Industry 4.0, is redefining the landscape of industrial operations. Key to this transformation is […]
The group of WM Systems LLc.
Solar plants and farms are complex systems with a variety of equipment that needs to be monitored and controlled. This […]
Industrial settings are replete with equipment that demands efficient connectivity solutions. With the rise of the Internet of Things (IoT) […]
DIN-rail mountable industrial routers are an essential component of many industrial applications. They provide a reliable and secure way to […]
Make the modern smart grid more secure, resilient, and sustainable
In today’s dynamic world, understanding the nuances of electrical energy management has never been more crucial. A distinct feature of […]
Introducing the Relay Box