Dieter Klein, Managing Director, KEYMILE Asia in an interaction with Techseen discusses how these networks are increasingly at risk by attackers and strategies that can be adopted to secure them efficiently. Excerpts:
Techseen: What exactly are mission-critical networks?
Klein: Mission-critical networks are highly reliable and secure network infrastructures that offer mission-critical applications for controlling and monitoring electricity grids, gas & oil pipelines, railways, public-safety facilities and aviation management. It is necessary to ensure the highest availability of the mission-critical network connections as downtime can mean risks to organisations or even individuals.
Techseen: What is the role of a mission-critical network in safety and security?
Klein: Ensuring maximum reliability of connections is of crucial importance for mission-critical networks. If a mission-critical application fails, companies and even the lives of people will be at risk. Hence, stable and robust communications are crucial for sensors or actors, who must constantly be connected and acquire situational awareness in real time when responding to emergencies.
Techseen: You have recently opened your Asia Pacific regional hub in Singapore. What is the state of mission-critical networks in the APAC region as against EMEA where you have been operating predominantly?
Klein: The Asia-Pacific market for mission-critical networks is growing rapidly. There is increasing investment in infrastructure within the energy sector, at railway companies and in local government to support the booming economic growth in the APAC region. That said, there are rising concerns on cyber security issues as critical infrastructures are increasingly connected to the Internet. For instance, South Korea has ten times more Internet-exposed industrial control systems compared to China or India.
Fortunately, many organisations in the region are intensifying efforts to avoid cyberattacks. Some countries in the region such as Japan have stepped up efforts to secure computer-controlled cars, trains and aircraft from cyberattacks ahead of the 2020 Tokyo Summer Olympics, and Singapore is actively taking measures to defend, detect, respond and recover from cyberattacks.
The EMEA region on the other hand, faces escalating cyberattacks on mission-critical networks. In 2015, a power plant hack caused a blackout for 80,000 customers of western Ukraine’s Prykarpattyaoblenergo utility. More recently, a Distributed Denial of Service (DDoS) attack caused disruptions in the heating distribution of two properties in Lappeenranta, Finland.
As APAC continues with economic prosperity, we expect to see more cybercriminals targeting critical infrastructures as we do in the EMEA region. It is a good opportunity for governments and companies to learn from these attacks and step up efforts to safeguard mission-critical networks.
Techseen: How are these networks increasingly at risk by cyber attackers?
Klein: The focus of cyberattacks has shifted from data breaches to global critical infrastructure. Within these networks, transmission paths and network control are the weak points, and the risk potential here is enormous. For example, hackers can gain direct access to IT systems via poorly secured remote-monitoring access, or use sniffer tools to eavesdrop on data lines.
Leading organisations in the energy, telecommunications, high-tech, finance and transportation sectors are becoming prime targets of cyber attackers as they attempt to manipulate equipment or destroy data. An example in this region is North Korea’s reported attempt to hack South Korea’s railway system earlier this year.
Techseen: Why it is increasingly important to ensure that these networks are sustainable?
Klein: From electricity grids, gas and oil pipelines to transportation, these systems are vital to every element of society. Countries such as Singapore and Malaysia, China and Thailand, have formed railway project partnerships to boost trade and enhance bilateral relationships.
With higher connectivity, failures in mission-critical networks can potentially cause major disruptions across the globe. Cyber attackers are slowly turning to operational technologies and the critical infrastructure they support. Conventional methods may no longer be relevant as they find ways to overcome security barriers.
It is important to leverage new technologies to ensure mission-critical networks are sustainable and well protected. Hence, there is an urgent need to address the vulnerabilities inherent to critical infrastructure and the potential for grave consequences if not well secured.
Techseen: How can quantum cryptography enhance end-to-end encryption of mission critical networks?
Klein: Deterministic random numbers are mathematically generated in conventional processes. Quantum cryptography, on the other hand, works with the quantum states of photons – in other words, light particles. This enables operators to encrypt data traffic, embedded in an end-to-end solution for information security management. The quantum random number generator (QRNG) harnesses the intrinsically random quantum states of photons to ensure encryption keys are truly random and unique. This provides enhanced security in the end-to-end encryption of mission-critical networks.
Techseen: Public safety and security organizations primarily rely on web-based applications to reduce client software costs and enable personnel to use any browser in any location. How can these web-based applications be protected from unauthorized access by individuals who would use the data to cause harm?
Klein: Internet-based interactions are highly susceptible to attacks, attempts at manipulation and espionage. In the Internet of Things (IoT) era, cybercriminals can find various means to gain unauthorized access to sensitive data and launch large-scale malicious activities.
A comprehensive IT security management is therefore necessary, whereby encrypted data transmission plays a crucial role. Quantum cryptography is a future-proof solution that will be effective for this.
The security of QKD (Quantum Key Distribution) is founded on the basic principle of quantum physics: Should third parties try to spy on transmitted keys, they will irrevocably change the quantum state of the photons. Transmitters and receivers register this interference, revealing the attempt to spy on the data and key generation and transmission restarts. Even if an attack is discovered, the encrypted data cannot be read and stays secure.
Techseen: What are some strategies when it comes to securing mission-critical networks?
Klein: Firstly, government and trade associations can increase awareness on the vulnerabilities in critical infrastructure and potential implications when security is compromised. Companies can hence understand the potential risks better and develop contingency plans in response to possible cyberattacks in the future.
The government should support the protection of critical infrastructures. Rigorous authentication protocols, standard industry guidelines or best practices can be developed and shared across different industries in the region. Addressing these issues collectively will help foster a secure and resilient cyber space in the region.
Organisations themselves can also ensure that their mission-critical networks are well secured. To avoid potential cyber risks, organisations will need to review their communication systems thoroughly and make sure that all access points are secured.
Techseen: What solutions does KEYMILE render to tackle the ill consequences of critical infrastructure?
Klein: KEYMILE products are developed based on decades of experience to offer solutions that meet the stringent access and transport networks requirements for mission-critical systems in the areas of clock synchronization, scalability, protection, reliability, ultra-long lifecycles and backward compatibility. Our new security card SECU1, for instance, offers exceptionally secure transmission of mission critical data in MPLS-TP environments by using quantum physics.
KEYMILE’s hybrid multi-service access and transmission platform XMC20 was designed to meet the stringent access and transport networks requirements for mission-critical systems. It supports the co-existence of native TDM (Time Division Multiplexing) and packet-based data transmission in one single network element. With this, users have the flexibility to choose the best technology for their mission-critical applications. This also lowers the operational costs and enhances the reliability and the availability of services.
In addition to providing professional support when it comes to mission-critical networks, KEYMILE offers a wide portfolio to assist customers in migrating from traditional to IP technologies which creates strong demand for solutions such as highly secure end-to-end encryption in mission-critical networks.
