Secure Remote Access for Critical Infrastructure: What’s at Stake?

OT Remote Access needs to be far more secure than IT remote access. There is a good reason why.

Waterfall team

OT Remote Access with OT security in mind

In our hyper-connected world, critical infrastructure—power plants, water systems, transportation networks, airports, seaports, and anything else that can’t simply be “turned off”—is the backbone of modern society. These systems provide essential services that underpin daily life and economic stability. However, as these infrastructures become increasingly digitized and interconnected, the challenge of securing them from cyber threats becomes ever more important. 

One of the most significant vulnerabilities in OT security for critical infrastructure is the risk posed by remote access into OT. While remote access is essential for operational efficiency and emergency response, it also opens doors for potential cyberattacks. Understanding what’s at stake and how to address these challenges is vital for understanding what is required to secure critical infrastructure.


The High Stakes of Critical Infrastructure

Critical infrastructure is a juicy target for cybercriminals, nation-state actors, and hacktivists. A successful breach can lead to:

Widespread Disruption: An attack on the power grid could result in prolonged blackouts, affecting millions. Similarly, a breach in water systems could disrupt supply or even compromise water safety. 

Economic Impact: Downtime in transportation networks or energy systems can cost billions in lost productivity and revenue. 

Public Safety Risks: Malicious actors could manipulate transportation systems, potentially causing accidents, or disrupt healthcare facilities reliant on stable power. 

National Security Threats: Infiltration of critical systems can serve as a precursor to broader attacks during geopolitical conflicts. 

You get the picture. Critical infrastructures are heavily cyber-targeted. At the same time, “turning it off” is not a good option, and if it does go off, bringing it back on is the top priority.

Challenges in Securing Remote Access

Securing remote access to critical infrastructure is uniquely challenging due to several factors: 

So Many Legacy Systems: Many critical infrastructure systems run on legacy technology designed decades ago, when cybersecurity was not a design consideration. Retrofitting or replacing these systems with modern security measures is complex and expensive.

The OT vs IT Standoff: OT environments prioritize availability and safety, while IT focuses on data confidentiality and integrity. Bridging this cultural and technological gap is a persistent challenge across many critical industries. Large strides have been made on this issue with Cyber-Informed Engineering (CIE). One interesting facet of CIE, originally championed by the Idaho National Laboratory, is that it presents new solutions to cyber security problems that don’t need to exist in the first place.

Far and Away: Critical infrastructure often spans vast and distant areas, requiring remote access for maintenance and monitoring. This reliance on remote connectivity enlarges the attack surface unless the connection is built in a way that deterministically keeps remote threats out.

Cloudy with a Chance of Third-Party Access: Vendors and contractors often require remote access for system updates and repairs. Sometimes that access is even required as part of warranty agreements. Many of the more recent analytical services require connecting critical machinery to the cloud. This external access is a significant part of the attack surface.

Advancing Advanced Threats: Attackers targeting critical infrastructure are often highly skilled and well-funded, employing sophisticated methods such as supply chain attacks and zero-day vulnerabilities. Their number and capability appear to grow as governments build up and develop their own cyber capabilities.

Hardware Enforcements for Secure Remote Access

Despite all these challenges and evolving threats, Waterfall has several solutions to all these problems:

HERA – Hardware Enforced Remote Access. HERA uses hardware to enforce the remote access. Software can be hacked from afar, but hardware can only be modified when you are standing right next to it. This is how HERA provides secure OT remote access:

One-way remote screen connection: HERA’s outbound connection that shows the remote screen is independent of the inbound connection. The remote screen is duplicated using a one-way fiber-optic cable and then that duplicate is viewed remotely. The hardware required for sending information back through this connection is physically missing, denying such a possibility to cyberattackers.

One-way connection for mouse and keyboard: HERA’s inbound connection also flows in only one direction, from a dedicated laptop using the ███████ protocol, and only transmitting mouse movements and keyboard strokes. No files or images can be uploaded over this connection. No information from this connection can flow back into the laptop, only outbound, and only mouse moves and keys.

There are no TCP/IP packets crossing the IT/OT boundary. If you would like clarification on this technical point, one of our OT remote access specialists can explain in full how it works.
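The inbound channel described above carries only mouse moves and key strokes, so there is no way to express a file or an image on it. The following is an added software model of that allow-listing idea; it is not HERA’s protocol (the page does not disclose it) and not Waterfall’s code. It assumes a constructed fixed-size record format with three event types, a constructed session key for a per-record HMAC that ties records to the dedicated laptop, and constructed bounds on mouse deltas and key codes. In HERA the one-way property is physical; this model only shows what the receiving side accepts and what it drops.

```python
"""Software model of an inbound channel that carries only mouse and key events.

Added illustration, not HERA's protocol. The OT-side parser accepts only
fixed-size, authenticated records of three known event types and drops
everything else, so arbitrary file or image bytes have no representation
on the wire.
"""
import hashlib
import hmac
import struct

BODY = struct.Struct(">BhhH")      # type, dx, dy, keycode: 7 bytes, fixed layout
TAG_LEN = 16                        # truncated HMAC-SHA256 appended to each record
RECORD_LEN = BODY.size + TAG_LEN
EV_MOUSE_MOVE, EV_KEY_DOWN, EV_KEY_UP = 1, 2, 3
ALLOWED_TYPES = {EV_MOUSE_MOVE, EV_KEY_DOWN, EV_KEY_UP}
MAX_DELTA = 512                     # constructed bound on one mouse step
MAX_KEYCODE = 0xFF                  # constructed bound: one-byte key codes

# Constructed demo key; in practice it would live in the laptop's hardware keystore.
SESSION_KEY = b"demo-session-key-not-for-real-use"


def _tag(body: bytes, key: bytes = SESSION_KEY) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


def encode_mouse_move(dx: int, dy: int) -> bytes:
    """Laptop side: one mouse step as an authenticated record."""
    body = BODY.pack(EV_MOUSE_MOVE, dx, dy, 0)
    return body + _tag(body)


def encode_key(keycode: int, down: bool) -> bytes:
    """Laptop side: one key press or release as an authenticated record."""
    body = BODY.pack(EV_KEY_DOWN if down else EV_KEY_UP, 0, 0, keycode)
    return body + _tag(body)


def decode_event(record: bytes, key: bytes = SESSION_KEY):
    """OT side: return (type, dx, dy, keycode), or None for anything that is not a valid event."""
    if len(record) != RECORD_LEN:
        return None
    body, tag = record[:BODY.size], record[BODY.size:]
    if not hmac.compare_digest(tag, _tag(body, key)):
        return None                                # not produced by the dedicated laptop
    ev_type, dx, dy, keycode = BODY.unpack(body)
    if ev_type not in ALLOWED_TYPES:
        return None
    if ev_type == EV_MOUSE_MOVE:
        if keycode != 0 or abs(dx) > MAX_DELTA or abs(dy) > MAX_DELTA:
            return None
    elif dx != 0 or dy != 0 or keycode > MAX_KEYCODE:
        return None
    return ev_type, dx, dy, keycode


def receive_stream(stream: bytes, key: bytes = SESSION_KEY) -> tuple:
    """Cut the stream into fixed-size records; drop and count everything that is not a valid event."""
    accepted, dropped = [], 0
    for offset in range(0, len(stream), RECORD_LEN):
        event = decode_event(stream[offset:offset + RECORD_LEN], key)
        if event is None:
            dropped += 1
        else:
            accepted.append(event)
    return accepted, dropped


# Constructed input: an operator nudges the mouse, then presses and releases one key.
OPERATOR_STREAM = encode_mouse_move(12, -3) + encode_key(0x28, True) + encode_key(0x28, False)

# Constructed input: a 64-byte blob standing in for a file someone tries to push through.
FILE_BLOB = bytes(range(64))

if __name__ == "__main__":
    print("operator stream:", receive_stream(OPERATOR_STREAM))
    print("file blob:      ", receive_stream(FILE_BLOB))
```

Every record is the same length, every field is range-checked, and every record must carry a valid tag, so the receiver never has to interpret variable-length or unexpected content. That is the software analogue of the text’s point that the channel carries nothing but mouse moves and keys; the page’s hardware measures (TPM-backed keys, encryption of the input stream) are what make a model like this trustworthy in practice.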

Additional hardware measures for additional security: Additional security measures are in place on the embedded hardware of the laptop, such as Intel’s TPM, while the keystrokes and mouse moves are encrypted.

The Strictly Unidirectional Option: For certain systems and machinery, a Unidirectional Security Gateway will suffice, without the need for full remote access. The machinery’s OT data is replicated onto a server, and that replica server is what is accessed remotely. The replica is continuously updated in real time over a unidirectional connection, so it is always current, yet not a line of code can ever make it back onto the machinery’s systems. If occasional changes need to be made remotely, the remote user can phone someone physically near the machinery and have them make the required adjustments.

Waterfall Tamperproof Blackbox

Tamper-proof Logs: While unidirectional technology is able to neutralize remote threats, there is still the risk from insiders as well as embedded threats: threats that might come from foreign-made machinery with a “backdoor” built into the technology, such as ship-to-shore cranes. Attackers at this level of sophistication are known for “covering their tracks” by erasing the event logs of their actions. By maintaining a tamper-proof copy of the logs, the two copies can be compared for discrepancies whenever a breach is suspected, so that whatever was deleted is quickly found. This usually also helps narrow down what the attackers were after.
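The comparison described above, as an added illustration that is not Waterfall’s Blackbox implementation: a protected copy receives every log line as it is written, is append-only and hash-chained so that the copy itself is tamper-evident, and is later diffed against the live log to recover deleted lines and flag injected ones. The log lines and the scrubbing scenario are constructed for the example.

```python
"""Detect log tampering by comparing a live log against a protected copy.

Added illustration of the comparison the text describes, not Waterfall's
Blackbox. Assumptions (constructed): each line is forwarded to the protected
copy the moment it is written, the copy is append-only, and the live log
is a plain file an intruder can edit.
"""
import hashlib
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class ProtectedLog:
    """Append-only copy with a hash chain so alterations to the copy are detectable."""
    entries: list = field(default_factory=list)
    chain: list = field(default_factory=list)   # chain[i] = SHA-256(chain[i-1] || entries[i])

    def append(self, line: str) -> str:
        prev = self.chain[-1] if self.chain else "0" * 64
        digest = hashlib.sha256((prev + "\n" + line).encode()).hexdigest()
        self.entries.append(line)
        self.chain.append(digest)
        return digest

    def verify_chain(self) -> bool:
        """Recompute the chain; False if any stored entry or digest was altered."""
        prev = "0" * 64
        for line, digest in zip(self.entries, self.chain):
            if hashlib.sha256((prev + "\n" + line).encode()).hexdigest() != digest:
                return False
            prev = digest
        return len(self.entries) == len(self.chain)


def find_discrepancies(protected: ProtectedLog, live_lines: list) -> dict:
    """Return lines deleted from the live log and lines injected into it.

    Multiset difference, so legitimately repeated lines are counted correctly.
    """
    kept = Counter(protected.entries)
    live = Counter(live_lines)
    return {
        "deleted": list((kept - live).elements()),
        "injected": list((live - kept).elements()),
    }


# Constructed sample: what the OT host wrote, forwarded line by line to the copy.
ORIGINAL_LOG = [
    "2024-05-01T02:10:11 sshd[412]: Accepted publickey for vendor from 10.0.5.7",
    "2024-05-01T02:10:40 plc-mgr[88]: firmware image upload started by vendor",
    "2024-05-01T02:11:02 plc-mgr[88]: firmware image written to controller 3",
    "2024-05-01T02:11:05 sshd[412]: session closed for user vendor",
]

# Constructed sample: the live log after the upload lines were scrubbed and a cover line added.
SCRUBBED_LOG = [
    ORIGINAL_LOG[0],
    ORIGINAL_LOG[3],
    "2024-05-01T02:11:06 plc-mgr[88]: routine health check ok",
]


def build_protected_copy(lines: list) -> ProtectedLog:
    copy = ProtectedLog()
    for line in lines:
        copy.append(line)
    return copy


def audit(original_lines: list, live_lines: list) -> dict:
    """Rebuild the protected copy, check its own integrity, then diff it against the live log."""
    copy = build_protected_copy(original_lines)
    report = find_discrepancies(copy, live_lines)
    report["copy_intact"] = copy.verify_chain()
    return report


if __name__ == "__main__":
    report = audit(ORIGINAL_LOG, SCRUBBED_LOG)
    print("protected copy intact:", report["copy_intact"])
    for line in report["deleted"]:
        print("DELETED FROM LIVE LOG:", line)
    for line in report["injected"]:
        print("NOT IN PROTECTED COPY:", line)
```

The deleted lines are exactly the ones an intruder had reason to remove, which is how the comparison also narrows down what the activity was aimed at. The hash chain matters because a copy that could be silently edited would be no better than the live log; the page’s point is that the copy lives where the attacker cannot reach it, and the chain makes any reach detectable.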

Let’s Not Forget Compliance and Regulations

Unidirectional technology and hardware-enforced OT remote access also boast strong regulatory compliance. This includes adherence to IEC 62443, NIS2, NERC CIP, and many more, as well as recommended best practices such as those for connecting OT to AWS (Amazon Web Services).

So, in Conclusion

The stakes for securing remote access to critical infrastructure could not be higher. Disruptions to power, water, or transportation systems can ripple across societies, causing economic turmoil, public safety crises, and national security vulnerabilities. While the challenges in securing remote access for OT are complex, a deterministic approach that combines hardware enforcement with advanced software can neutralize these risks and safeguard these vital systems, all while adhering to strict regulatory requirements.


In this digital age, ensuring the security of critical infrastructure is not just an operational necessity—it is a strategic imperative. The question is not if we can afford to invest in secure remote access but if we can afford not to.
