Unidirectional Gateways for Cyber

In 1982, I wrote a line of assembly code that connected an 8-bit 6502 microprocessor with a 6520 peripheral interface adapter, and my experience of computing changed forever. Until that moment, programming for me involved tapping commands into a keyboard and watching the result on a little display. But with that one memory-mapped operation, a new world was opened for me – one that allowed control of keyboards, printers, and cassette recorders (yea, that was a thing). It was thrilling.

I must say that since then, I’ve always had a soft spot for programmed control of industrial applications, especially ones that are embedded into complex support tasks in factories, power plants, data centers, and other tangible operational environments. The software automation of industrial control systems (ICS) is clearly the defining aspect of the modern industrial revolution. Most business historians understand this.

But with such automated power in ICS came a full range of cyber security issues. This started with early complaints about weak Supervisory Control and Data Acquisition (SCADA) security design, but has since advanced to a legitimate engineering discipline focused on the protection of operational technology (OT) systems positioned behind so-called IT/OT gateways. Many observers correctly point to this aspect of modern cyber security as perhaps the most critical in terms of consequential threat prevention.

I recently had the privilege to interview one of the great minds in this area, Lior Frenkel, Founder and CEO of Waterfall Security. Lior and his team have been focused on a unique and powerful aspect of modern ICS protection, namely, the ensuring of one-way data flow between ICS devices and support infrastructure, often sitting on the conventional side of the IT/OT interface, and usually laden with direct and dangerous connections to the Internet. Below is a summary of our conversation:

EA: Lior, what is meant by a unidirectional gateway?

LF: A unidirectional security gateway is an advanced technology that adds a physical layer of cyber security to the industrial network perimeter to eliminate the risk of remote online attacks, while enabling operational and business processes to continue as usual. These types of gateways physically permit network traffic to flow from OT networks to IT and corporate networks, without the possibility of any traffic flowing back into the OT network.

EA: Tell me more about how this works? How is a unidirectional gateway designed?

LF: Waterfall’s unidirectional gateways are built from a combination of hardware and software. Unidirectional gateway hardware consists of a fiber-optic transmitter unit, coupled to a receiver with a short piece of fiber. Unlike standard fiber-optic equipment, the transmitter has no receiver, and the receiver physically has no transmitter on the circuit board. The equipment is physically able to send information only one way – out of the industrial network. Unidirectional gateway software replicates servers and emulates devices to offer the customer off-the-shelf solutions for the most popular industrial software used in the market. The software can also replicate many IT solutions to fit a customer’s requirements for complete protection of industrial networks from remote cyberattacks. Further flexibility can be seen in our DIN Rail form factor, and the myriad of ways customers can configure our modular, rack-mount systems.

EA: Do you see industrial engineers paying more attention recently to cyber security?

LF: Given the frequency of cyberattacks over the last few years, I don’t believe engineers in industrial environments have any choice but to pay attention. And there is more interest, however the question is this: Do we pay enough attention to the real difference in approaching OT networks that control physical assets? Many practitioners still approach OT cyber security with an IT-based tool set, which, unfortunately, can lead to dire consequences. When OT physical assets are at stake, we need solutions that provide physical barriers against attacks at OT network perimeters to eliminate the possibility of any attack getting through.

EA: How easy (or hard) is it for existing IT security solutions to be adjusted or extended to deal with OT threats?

LF: It’s not a question if it’s easy or hard – the question is whether IT-based security can succeed at all in eliminating the possibility of an online cyberattack from compromising physical operations via the industrial control network. IT security solutions are all software. All software has vulnerabilities, which opens the possibilities to be hacked, and OT networks cannot afford any possibility of being hacked. It is simply not possible to adjust or extend an IT software security solution to adequately protect an OT network from cyberattacks originating from external networks. Take firewalls, for example. Long the standard for first-line defense across IT networks, firewalls are no challenge for modern cybercriminals. Firewalls are porous by nature, meaning they are designed to allow for bi-directional data flows, allowing hackers to easily hitch a ride on a seemingly legitimate incoming message that passes through the IT firewall, which is then used to launch malware inside the IT network to steal business or other data. Now, imagine that same intrusion and the potential impact when hackers breach a firewall to reach an ICS. Firewalls, IDS, and other IT-based solutions clearly have a role to secure corporate networks. They cannot, however, be the sole barrier between a cybercriminal and an ICS.

EA: Do you think the nightmare scenarios so popular in the media regarding OT infrastructure attacks on power systems or nuclear infrastructure are possible?

LF: We’ve already seen real examples of such attacks, such as the one that shut down the power to a quarter of a million Ukrainians in 2015. The increasing use of ransomware proves that cyber extortion is profitable, demonstrating to cybercriminals that they can improve their fortunes by getting a hold of physical assets until payment is made. Fortunately, in many countries, industrial plants containing nuclear or other critical infrastructure must already be protected by unidirectional gateway technology, which prevents remote attacks from entering an ICS network. In most countries though, far too many critical infrastructure facilities rely on IT-based solutions that can always be breached. Despite the existence of physical cyber protection provided by Unidirectional Gateways, too many facilities and other businesses, like manufacturing and transportation systems, are protected by IT-class solutions leaving them in dire danger of cyberattack.