#1 ICS and SCADA Security Myth: Protection by Air Gap

In his blog article “Fix the Problem, Stop Bailing out Vendors”, Dale Peterson made a brief comment about the “fantasy of the air gap”. It was an important comment, but one I think got lost in the other messages Dale offered. So today, I am going to focus on the topic of air gaps.

The existence of an “air gap” between control system networks and the rest of the world has been one of the most enduring fairy tales in the field of SCADA / ICS security. The idea is that in a properly designed system, there is a physical gap between the control network and the business network. Since digital information cannot cross such a gap, bad things like hackers and worms can never get into critical control systems. From this, a corollary flows: “Companies that get worms in their systems obviously have not created the proper air gap and deserved to be infected.”

Now, there is plenty of material supporting the idea of the air gap. Every week a new SCADA and ICS vulnerability notice comes out, and every week end users get to read statements like this:

“In addition, it is important to ensure your automation network is protected from unauthorized access using the strategies suggested in this document or isolate the automation network from all other networks using an air gap...”


