Router Security for Critical Infrastructure

Digital technologies are providing utilities with a wide range of operational and optimization opportunities. In particular, adding intelligent sensors and processing platforms enables smart metering which allows utilities to monitor their systems in real-time. Consequently, the water or electricity company can get instant meter readings remotely.Other than consumption, the technologies allow operators to monitor the lines for quality issues, outages, and other metrics. In case of a failure, they are also able to automatically detect failures and take the necessary action. For example, if there is a fault on a certain section of the network, the digital technologies can disconnect the affected area and isolate it from the healthy part, hence minimizing the number of customers that experience disruption.

Despite the said benefits, digital solutions have various drawbacks such as being prone to cyberattacks. The fact that the sensors, smart meters, and other assets are exposed physically and digitally makes it easy for criminals to access and compromise them.

The increased surface attack is attractive to the cyber attackers and especially when there are communication devices such as routers with weak security and authentication.

While connectivity offers a wide range of operations and cost-cutting opportunities, it exposes the various physical and digital assets to cyber security threats and attacks

Usually, the router is one of the weak points and this makes it an attractive target for hackers since once they log into the device, they can see all the other components, monitor traffic, set up their network, among many other malpractices.

Once the criminals attack a system, they can compromise the company and consumer data, cause disruptions and outages that would result in economic losses as well as increased safety and security risks.

 

Vulnerabilities and threats to grid network infrastructure

Routers are critical components of the critical infrastructure that power the internet, smart metering, and remote control communications. During operation, the router, which is a dedicated communication computer, is responsible for making the required connections between the client device and the receiving equipment such as a server and vice versa. They act as the gateways to the network, hence has the responsibility to receive and forward network traffic while still responding to the client devices.

Upon receiving a request, the router routes the signal or forwards the packets to the destination address. Unfortunately, most routers such as some models for home wireless networks have several security vulnerabilities that expose the connected devices to security attacks.

The insecure routers are a risk to the critical grid infrastructure. Once the hackers access the smart metering network, they can do a lot of harm including but not limited to;

  • Change the billing amount
  • Shut down thousands of smart meters
  • Access the utility’s private network and communicate with other critical assets.
  • Stealing consumer and utility data
  • Perform actions that lead to the imbalance on the grid supply and demand, serious disruptions, and outages
  • Demand for ransom
  • Lead to denial of service
  • Upon accessing the system, the attackers can use this as a launch point for more attacks

 

Router vulnerabilities attacker exploit

An attack on a router is when bad actors exploit the vulnerabilities in the protocols, weak authentication, use of default passwords, out-of-date router software, etc. Attackers may use brute force methods to crack the passwords and these may lead to denial of service and other actions that interrupt normal operations, data theft, etc.

Other reasons why routers are vulnerable include poor encryption and security of the routing table, hence allowing the attackers to compromise or modify the information and direct traffic to a server they control.

Usually, the criminals will exploit routers by taking advantage of already existing vulnerabilities or oversights. In particular, routers with the following are issues that are very easy to attack

 

  • Unauthenticated services
  • Legacy unencrypted protocols
  • Outdated and insecure software, not security patches, vulnerable firmware, etc.
  • Inadequate hardening

Protecting networks through strong router security

In addition to a strong team to deploy and maintain a strong cyber security posture, using routers with high-security features is critical in protecting the infrastructure. The teams should continuously monitor and check the systems, identify and fix vulnerabilities. Usually, protecting the infrastructure against attacks is a complex process that requires an integrated approach that combines the use of secure practices, hardware, and software solutions.

Ideally, the security and especially of the routers should be at all levels. Ideally, a router that provides all-around protection ensures maximum data security for the infrastructure.

Although the router technology may differ across different vendors and models, the following are some basic features to look for when planning your network.

Addressing the security risks and threats requires deploying reliable solutions and following proven policies and processes. Additionally, teams must verify the integrity and authenticity of each device on the infrastructure, including their hardware and software.

 

Critical infrastructure best security strategies and practices

Utilities and technology providers must ensure tight security for the systems, and make them hard to penetrate. In particular, using highly secure routers such as the ENCS approved devices and practices provides ideal protection, hence making the networks difficult to penetrate,

 

Use standard and certified routers and practices

The European Network for Cyber Security (ENCS) is an organization that provides guidelines on how to protect critical infrastructure. It covers a wide range of issues including but not limited to defining the security requirements of the infrastructure.

The collaboration focuses on evaluating the network protocols and assisting organizations on how to respond to security vulnerabilities. It helps organizations procure and implement secure infrastructure and respond to identified threats and vulnerabilities.

ENCS certification is only available to secure devices that meet various requirements. Further, the organization has developed several security documents that grid operators, stakeholders, and technology providers need, to secure their infrastructure and operations.

 

In particular, the documents, which are usually aligned with the ISO/IEC 27000 standards, focus on

  • Smart metering
  • Substation automation
  • Distribution automation
  • Electric vehicle charging
  • SCADA / EMS / (A)DMS

 

Ideally, the grid operators should comply with the specified security requirements when building a new or updating a digital-based system. Generally, there are five types of ENCS recommendations, each focusing on certain areas as below

  1. Security risk assessment – Helps grid operators to assess their systems, potential risks and impacts as well as whether the security systems in place are adequate
  2. Security architectures – Recommended comprehensive security solutions to protect the entire infrastructure as opposed to individual components.
  3. Security requirement documents for individual components of the security system
  4. Technical audit plans – To ensure that the system complies with set grid security architecture
  5. Security test plans – These describe how to test the components to confirm that they comply with the security requirements. The testing provides an opportunity to identify or detect security vulnerabilities while validating existing protection solutions and gaps if any.

 

Only devices that pass the exhaustive security testing are certified. Luckily, WM System is one of the few manufacturers with high-quality, secure, and ENCS certified routers. Some of our highly secure routers for critical infrastructure include;

A secure router protects all the data and network assets, hence blocking all would-be-attackers from accessing and compromising the infrastructure.

 

Use best security practices

Enhancing the security in the industrial network should be a priority for both the utility and security teams. Other than routing traffic, the router should ideally work as the first line of defense for critical infrastructures such as computer and industrial networks.

Besides the use of secure hardware devices, the network design should follow best security practices. For example, segmenting the network depending on applications, devices, and desired access levels will reduce the attack surface and impact.

On one hand, the processing platform should be on its secure network and only accessible by specific users, such as admins. The area that consumers need to access should also be limited on what users can do.

Although they are vulnerable, the routers can provide a reliable first line of defense for the networks and critical infrastructure.

To prevent unauthorized access and protect the infrastructure, network components, and grid assets, it is essential to harden the main components such as routers and switches. Typical practices include enabling the firewalls, and other security features such as the Intrusion prevention systems (IPS), using strong passwords, enabling anti-spoofing filters, securing the protocols and keys, etc.

Routers with strong security features help to protect the consumers, utility systems, and data. Typical devices use secure boot, as well as strong cryptographic technologies.

Ideally, the network routers should be included in the overall security plan. Some of the considerations include configurations, admin access, privilege levels, passwords, authentication, and authorization. The network administrator and relevant IT teams also need to ensure physical security and how to respond to incidences and logging violations.

 

Use a router that supports secure boot

A secure boot eliminates a wide range of exploits. In particular, it hardens the router against attacks. It also prevents the modification of critical firmware features. Generally, the secure boot feature ensures that the router will only boot from authorized and unmodified software. The hardware-based secure boot feature is harder to penetrate or crack even with physical access.

Usually, the boot process relies on an unbroken chain of trust. A typical boot process follows the following steps

  1. The firmware initializes the router hardware after which it checks the loader signature to confirm that it is legitimate before the handoff.
  2. Once it verifies the signature, the loader will locate the operating system’s image and then check the kernel signature before the handoff.
  3. The kernel will then start the operating system, then check and run the Daemons.

 

Secure cryptographic technologies

In practice, secure routers employ hardware-based crypto processes to prevent attackers from compromising the secret key, including in environments where the criminals have physical access to the router. However, to fulfill this role, the router should have enhanced security capabilities.

Attackers know the importance of encryption, but as usual, they are usually ahead or looking for ways to beat the systems. That said some products employ multiple security layers that make it hard for hackers to break into a system.

 

Lockdown the router firmware

Out of date firmware is one of the major flaws that results in exposing the device to various exploits. A good router should have a means to securely update its firmware to fix the security vulnerabilities and bugs hence protect it against existing and emerging threats.

Generally, there is no anti-virus for a router, the best security is to protect the device through the use of secure hardware and software components.

In most routers, the default pre-installed firmware is usually insecure. The firmware, usually based on the open-source operating system, is also problematic at times. The flaws in features such as the WPS or the Wi-Fi-protected setup, which is usually enabled by default, allows the new users to protect their network. However, it has various security flaws that remote attackers can exploit and access the network with little effort. Luckily, locking the firmware makes it difficult for attackers to access and modify the configuration.

 

Authenticate and verify routing protocols

Generally, authenticating the routing protocols with a password and then adding encryption helps to improve security. However, since the credentials are sent through the network as clear text, attackers ban intercept and steal the credentials. As such, adding encryption adds an extra security layer that makes it more difficult for hackers to read the password.

 

Antispoofing and securing routing protocols

The routing protocols are essential in exchanging information between network devices. An anti-spoofing filter is useful in preventing the forged packets from external users and making them look like they are coming or originating from the internal network.

When attackers send spoofed packets that look like they are coming from internal trusted systems, they can bypass or manipulate the established security controls. For example, if an attacker inserts false routing information, the router may relay the network traffic to a different destination that the cybercriminals control. Alternatively, the attacker may bypass the intrusion detection systems or firewall and gain access to restricted areas.

The antispoofing filters protect the router and the networks behind it. Once implemented, the filters will stop attackers from spoofing the connections to the router. Additionally, the filters will block a wide range of attacks targeting other assets other than the router.

 

Enable Firewall

A firewall usually monitors the incoming and outgoing traffic while allowing specific types and blocking others. The firewall is a major feature that you should consider when looking for a secure router for critical infrastructure. A good security practice is to always ensure that the firewall is enabled at all times and configured appropriately to only allow safe traffic and block what appears suspicious or does not meet the set threshold.

 

Device hardware security

If possible use a tamper-proof mechanical housing with the ability to alert relevant people when compromised. Further, the use of secure hardware chips to store critical security information such as credentials, cryptographic keys, and the router’s certificates and more will enhance security. The chip should ideally provide secure, tamper-proof storage for the router configuration data and other important information.

 

Strong access control

To achieve this, the router must support mutual authentication and authorization between devices on the network. Other features include enforcing strong usernames and passwords as well as certificate-based security.

 

Maintain data privacy and integrity

The router needs to support scalable and flexible encryption keys management. As such, it should have a secure way to generate exchange, store and revoke the keys.

 

Support segmentation, detect and mitigate threats

To protect the system and prevent attackers from accessing other networks, it is critical to segment the networks. That is operational technology (OT) and Informational Technology (IT) should run on different networks so that if an attacker manages to penetrate one, it is impossible to access the other segment, hence a smaller impact.

Better still, building a zero trust segmentation enhances the security much further

Secure routers can help to build segmented networks separated by a strong security boundary. For example, segmenting the OT and IT networks provides the security teams with more control and ability to manage the network traffic better, including deploying filters to only allow the industrial protocols that the application requires.

Ideally, a good router should support network segmentation of the devices, applications, and users within the NAN and WAN environments. Also, the routers in the field should have the ability to filter the traffic and differentiate between users and devices. All critical assets should be deployed behind reliable and high-security firewalls.

 

Use trusted products

While there are so many products in the market, it is important to use reliable, secure, and trusted routers. In particular, look for a certified product such as the M2M industrial routers from WM Systems. These are proven and reliable products designed for critical infrastructure such as smart metering networks. The products are ENCS certified, hence thoroughly tested and confirmed to comply with the stringent security standards that the body specifies. The routers meet the standard security standards and regulations that govern secure grid digitization.

 

Observe best network security practices

Cyber security risks increase as the need for operational data grows as well as sophisticated threat actors and attack techniques. As more meters connect to the network, the attack surface increases significantly.

Although there is a need to deploy highly secure routers for the infrastructure, it is important to use devices that combine advanced security and enhanced performance capabilities. Other than the inbuilt features, there are some practices that IT teams should use to enhance security. Some of these include;

  • Changing the default accounts and passwords to strong ones that are difficult to guess or crack
  • Limiting the number of unsuccessful login attempts
  • Securing and limiting web GUI-based access. Ideally, you should only permit access from trusted devices. Additionally, enforcing the idle timeout option ensures that the router will terminate inactive sessions.
  • If a router has a web interface, it is a good security practice to limit the access to only the hosts on the LAN side and not external. Further, limit the access to specific MAC or IP addresses.
  • Turn off users that are not in use to reduce the attack surface. Some of these include the IPv6, SNMP, NAT-PMP, ALG (Application Layer Gateways), etc.
  • Disable the use of unencrypted management protocols to access the network from the internet. If impossible consider using an encrypted VPN.
  • Disable the access of the router’s and other network devices management interfaces from the internet. Ideally, restrict the access to the management interface to trust and whitelisted internal hosts. If impossible you can use a secure VPN connection.

 

Conclusion

Connected technologies are enabling companies and service providers to automate and improve operations and services, hence reduce costs and travel, while improving quality control and maintenance.

However, over the recent past, critical infrastructure has been one of the major targets of cyber-attacks. And this is a big risk since if criminals manage to access the systems; they can perform dangerous operations like shutting down critical infrastructure such as the electric grid. Besides data theft and outages such action will cause, the criminals can also issue commands that will damage major infrastructure components. For these reasons, the security of all the major components of critical infrastructure systems should be a high priority.

Routers enable communication between various devices over a network and are usually the weak link. As such, to secure the networks, it is essential to use reliable, scalable, and highly secure routers. These should ideally protect the infrastructure and networks against unauthorized access while enabling communication between genuine computers.

Despite being vulnerable and prone to exploits, some secure and reliable routers can also work as a robust first line of defense for critical networks. In particular, WM system M2M routers, which are ENCS approved, have inbuilt security features, that, when configured well, provides the highest security to the industrial and other critical networks.