Physical security has protected critical infrastructure for decades. Recently, the physical security systems themselves have become a potential entry point for cyber threats within those same facilities.
We've been blogging heavily in recent months about selecting the proper manufacturer and technologies for your security systems. Catch up on our surveillance cyber security information here.
Let's take a step back and look at the actual definition of critical infrastructure as determined by the U.S. Department of Homeland Security.
What are the 16 Sectors of critical infrastructure?
The Office of Infrastructure Protection (IP) leads and coordinates national programs and policies on critical infrastructure security and resilience and has established strong partnerships across government and the private sector. The office conducts and facilitates vulnerability and consequence assessments to help critical infrastructure owners and operators and State, local, tribal, and territorial partners understand and address risks to critical infrastructure. IP provides information on emerging threats and hazards so that appropriate actions can be taken. The office also offers tools and training to partners to help them manage the risks to their assets, systems, and networks.
Presidential Policy Directive 21 (PPD-21): Critical Infrastructure Security and Resilience identifies these sectors:
- Chemical Sector
- Commercial Facilities Sector
- Communications Sector
- Critical Manufacturing Sector
- Dams Sector
- Defense Industrial Base Sector
- Emergency Services Sector
- Energy Sector
- Financial Services Sector
- Food and Agriculture Sector
- Government Facilities Sector
- Healthcare and Public Health Sector
- Information Technology Sector
- Nuclear Reactors, Materials, and Waste Sector
- Transportation Systems Sector
- Water and Wastewater Systems Sector
You hear about it in the news...
- Target had a data security breach that compromised 40 million customer records.
- Craft and hobby store Michaels had 2.6 million records stolen (story link here).
- The University of Maryland had 300,000 records stolen (story link here).
- 20,000 emergency department patient records were stolen from Stanford Hospital (story link here).
Federal records show that the U.S. Federal Reserve detected more than 50 cyber security breaches between 2011 and 2015, including several incidents considered to be espionage, according to the Security Industry Association story. The SIA reports that the Fed's cybersecurity team logged 310 incident reports during the four-year span, 140 of which were classified as hacking attempts, as reported by Reuters. Out of those 310 incidents, the Fed identified 51 incidents of "information disclosure", a broad classification that includes access by hackers as well as emails sent by Fed employees to the wrong recipient. More on the Federal Reserve story in this video by Reuters.
Security devices are mostly located at the physical edge of the network. Detection devices, such as cameras, are installed in places that are accessible by the public. Because these devices are connected to the network, they also increase the risk of unwanted access to the network: someone could disconnect the security device and connect their own equipment to try to gain access to the network, or attach pass-through equipment to attempt a so-called man-in-the-middle attack. There are several ways of mitigating such attempts: get the answers in the white paper here.
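As an added illustration (not code from the post or the white paper), the check below flags the two scenarios just described on switch ports that serve edge cameras: a foreign device plugged into a camera port, and a link flap after which the camera's own MAC reappears, which is what a pass-through device would look like. The event format, port names and MAC addresses are constructed for the example, and the point of the MEDIUM finding is that MAC matching alone cannot rule out a pass-through device, which is why port-based authentication such as 802.1X (listed in the resources below) is the stronger control.

```python
"""Flag possible device-swap or pass-through tampering on switch ports that
serve edge security devices, using a constructed link/MAC event stream."""

# Constructed inventory: the device MAC expected behind each camera port.
# (Hypothetical values, not from any real deployment.)
EXPECTED = {
    "Gi1/0/7": "00:11:22:33:44:01",   # lobby camera
    "Gi1/0/8": "00:11:22:33:44:02",   # parking lot camera
}

# Constructed, simplified event stream: (timestamp, port, event, detail).
EVENTS = [
    (100, "Gi1/0/7", "link_down", ""),
    (105, "Gi1/0/7", "link_up", ""),
    (106, "Gi1/0/7", "mac_learned", "de:ad:be:ef:00:01"),  # foreign device
    (200, "Gi1/0/8", "link_down", ""),
    (240, "Gi1/0/8", "link_up", ""),
    (241, "Gi1/0/8", "mac_learned", "00:11:22:33:44:02"),  # same MAC returns
    (300, "Gi1/0/9", "mac_learned", "00:11:22:33:44:09"),  # not a camera port
]

def analyse(events, expected):
    """Return a list of (port, severity, reason) findings.
    HIGH   : a MAC other than the inventoried camera appears on the port.
    MEDIUM : the port went down and came back with the expected MAC;
             a pass-through or MAC-cloning device produces exactly this,
             so MAC matching alone is not sufficient evidence of integrity.
    Ports not in the inventory are ignored."""
    findings = []
    flapped = {}  # port -> timestamp of the last link_down still unexplained
    for ts, port, event, detail in sorted(events):
        if port not in expected:
            continue
        if event == "link_down":
            flapped[port] = ts
        elif event == "mac_learned":
            if detail.lower() != expected[port].lower():
                findings.append((port, "HIGH",
                                 f"unexpected MAC {detail} (expected {expected[port]})"))
            elif port in flapped:
                findings.append((port, "MEDIUM",
                                 f"link flap at t={flapped[port]}, then expected MAC "
                                 f"re-learned; possible pass-through device"))
            flapped.pop(port, None)  # the flap has now been accounted for
    return findings

if __name__ == "__main__":
    for finding in analyse(EVENTS, EXPECTED):
        print(*finding)
```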
David Brent, from Bosch Security and Safety Systems, details common strategies for protecting networks that have security devices like IP cameras attached to them. Click here >>
We've summarized the information and many of the resources to help you stay on top of this topic:
- IP Video and Data Security Guidebook
- Network Authentication - 802.1X
- 3 Common Security Hacks
- Data Security Leaflet
- Securing Data and Equipment Racks
- Encryption of Intrusion Detection Systems
- Security of Security
- Security Encryption and Certificates FAQ
- Lessons learned from major healthcare data breaches
- IT Advancements Revolutionizing Security Technology: Webinar on Demand
- NIST National Cybersecurity Center of Excellence
Physical security has converged with cyber security.
IT professionals are increasingly interested in locking down and monitoring equipment racks to protect hardware integrity, and in keeping rogue laptops and removable storage devices away from the network and sensitive data. For example, think about how Edward Snowden stole information from the NSA via unprotected computer hardware (story link here). Sometimes equipment racks are located in dedicated IT closets and sometimes in data centers. Also a cause for concern is the amount of IT hardware and infrastructure housed in closets that are shared with, and accessed by, personnel from more than just the IT department. We will discuss several options for securing data racks and closets.
Read the case study about securing data racks from a campus in York, PA...