Cyber Defense eMagazine March Edition for 2022

More documents

Recommendations

Info

How To Defend Railway Subsystems from Targeted Cyber-Attacks By Michael Cheng, Director at TXOne Networks & C. Max. Farrell, Senior Technical Marketing Specialist at TXOne Networks Railways are a critical part of every nation’s vital system. Maintaining the constant operation of railway systems requires protection from many threats, and disruption can harshly impact a nation’s society, economy, and culture. As the critical industry of railways continues to grow, the risk of cyber-attacks has risen sharply. This creates a need for powerful cybersecurity solutions that can be rapidly and conveniently integrated into routine railway operations to safeguard these critical networks and systems. In addition, these solutions should be resource efficient and transmit data fast enough to keep up with commuter traffic and to accommodate the distributed nature of modern railway technologies. The vulnerable architecture of railway assets Cyber attacks on national utilities and transport networks have increased massively recently, but they are by no means new. Back in 2015, security specialists set up a realistic simulated rail network at the CeBIT trade fair in Hannover and put it online to see how much attention it would attract from hackers. Over its 6-week runtime, 2,745,267 cyber attacks were documented, and in “about 10 percent of the attacks” Cyber Defense eMagazine – March 2022 Edition 80 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
intruders were able to gain control over simulated assets. 1 Would-be attackers’ knowledge of railway systems has progressed even further in the seven years since this experiment. On the one hand the distributed network architecture of the railway infrastructure allows incredible adaptability and for the use of a wide variety of modular assets. On the other hand, many of these assets are no longer up-to-date or patchable. So, the fast-changing nature of cyber threats clashes with/comes up against the long service life and diversity of equipment, making the enforcement of security policies daunting. The same high-connectivity pathways that increase accessibility for trusted railroad engineers also increase accessibility for malicious intruders, which is why specially designed cybersecurity appliances and software can be so essential. Every system needs individual protection Each rail subsystem is a different set of assets with its own individual cybersecurity requirements. Every rail subsystem application classified as security-relevant has been systematically type-tested and secured according to the relevant certifications before leaving the factory. However, the downside of certifications is that they introduce general patterns into defenses that hackers can learn to anticipate and exploit. Defenses for critical services need to go beyond the bare minimum necessary to meet certifications or regulations and include protections that give hackers a hard time. Furthermore, the ongoing support of dedicated security researchers is necessary to adapt these defenses against new cyber threats. User-friendly tailored solutions Cybersecurity begins with education of the staff, but the busy day-to-day work of railway personnel rarely leaves space for that. Thus, all defensive solutions must be as failsafe and streamlined as possible to promote ease of use. Ideally railway subsystems need appliances that have the necessary protocol sensitivity to check network traffic for suspicious actions and deny unusual or unlikely behavior. Such appliances have the further benefit of significantly reducing the likelihood of human error. Each subsystem is dependent on solutions created to meet its specific needs. TXOne Networks suggests an OT zero trust approach to securing operational environments, which includes three phases: segmenting networks, scanning inbound and mobile assets with a portable rapid-scan device, and securing endpoints with defensive solutions tailored to the endpoint’s type (legacy or modernized). Stop intruders and isolate malware Traditional intrusion prevention systems (IPSes) were mere filtering systems, which are no longer adequate protection for critical infrastructure networks. Instead, modernized solutions like TXOne’s Edge series of next-generation IPSes and firewalls bring more sophisticated protection to assets at the station and wayside. Edge series defenses, based on the OT zero trust methodology, detect suspicious behavior 1 Vlad Gostomelsky, “Securing the Railroads from Cyberattacks”, Mass Transit Magazine, Dec 17 2019 Cyber Defense eMagazine – March 2022 Edition 81 Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2:
Why Changing Classified Document St
Page 3 and 4:
Tips And Trends for OT Cybersecurit
Page 5 and 6:
@MILIEFSKY From the Publisher… De
Page 7 and 8:
Welcome to CDM’s March 2022 Issue
Page 9 and 10:
Cyber Defense eMagazine - March 202
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
level of concern while working remo
Page 21 and 22:
The Fragility of a GPS Centric Worl
Page 23 and 24:
Formerly known as LOng-RAnge Naviga
Page 25 and 26:
The Role of The CFO In Enterprise C
Page 27 and 28:
Help them mitigate potential risks
Page 29 and 30: The Safest Ways for Bitcoin Trading
Page 31 and 32: and clear instructions through a "N
Page 33 and 34: According to Cybereason’s “Rans
Page 35 and 36: If you implement these three tips,
Page 37 and 38: • Nearly half of zero-day malware
Page 39 and 40: Don’t Become a Horrible Headline:
Page 41 and 42: pandemic era. By empowering profess
Page 43 and 44: Have We Learned from Our Past Mista
Page 45 and 46: internet, etc. How much training is
Page 47 and 48: How to strengthen cyber resilience
Page 49 and 50: A BCDR solution with automated disa
Page 51 and 52: 1. Cybersecurity Incidents Will Bec
Page 53 and 54: Is XDR The Right Solution for Today
Page 55 and 56: How Open XDR Helps Open XDR address
Page 57 and 58: A very small set of next-gen SIEM s
Page 59 and 60: • What are my options for data la
Page 61 and 62: Additionally, we’ll witness the r
Page 63 and 64: Top 10 Reasons Cyber Defense Firms
Page 65 and 66: 4. Teamwork and individual responsi
Page 67 and 68: 5 Reasons Organizations Need Compre
Page 69 and 70: systems to manage identity and acce
Page 71 and 72: Directed Analytics - The Future of
Page 73 and 74: Directed analytics allow these insi
Page 75 and 76: InDesign and uploaded to indd.adobe
Page 77 and 78: Are You Prepared for the New Normal
Page 79: • Find Unseen Risk - The hardest
Page 83 and 84: About the Authors Michael Cheng is
Page 85 and 86: Why am I rehashing this old trope?
Page 87 and 88: 1. Look for and minimize attack sur
Page 89 and 90: On The Frontline in The War Against
Page 91 and 92: How to Fix Mid-Market Security Usin
Page 93 and 94: the particular victims being target
Page 95 and 96: 5 Ways Cybersecurity Will Change In
Page 97 and 98: #3: Supply chains will be the big r
Page 99 and 100: Executive Order Instructs Certain O
Page 101 and 102: • Stay ahead of fraud. Fraud cost
Page 103 and 104: Too Hot to Handle:The case for Zero
Page 105 and 106: Critically, endpoint security only
Page 107 and 108: To prevent lateral movement attacks
Page 109 and 110: Redefining Resilience in The New Wo
Page 111 and 112: About the Author Andrew Lawton is C
Page 113 and 114: Cyber Defense eMagazine - March 202
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
CyberDefense.TV now has 200 hotseat
Page 137 and 138:
Books by our Publisher: https://www
Page 139 and 140:
show all

Cyber Defense eMagazine March Edition for 2022

Create successful ePaper yourself

Delete template?

Save as template?