By Thierry Sans, Head of Customer Marketing for Transportation, Oil, Gas and Mining, Nokia
2015 was the worst year ever for cyber-attacks. An estimated 480 million records were leaked around the world as cybercriminals stole vast sums of money and personal data, affecting thousands of people in the process.
The attacks affected all industries. From high-profile government agencies in France, Germany and the UnitedStates, to the breach of a British TV & telecommunications retailer which affected 4 million people. In the US, the FBI now rates cybercrime as one of its top law enforcement activities, and the Obama administration proposes spending $US 19bn on cyber security in the 2017 federal budget, up from $US 14bn in 2016.
As well as government, cyber security is a major concern for the owners of critical national infrastructure, such as major utilities and public transport. Indeed according to a report by market research company IDC Energy, Western European utility companies will spend more of their cumulative €2.81bn IT investment budget on cyber security measures than any other item in 2016.
From analysing the cyber-attacks, it is not just web servers and databases that are under threat, but complete Information and Communications (ICT) infrastructure. So what can their owners, which are increasingly reliant on networking infrastructure to deliver new and efficient services based on cloud and IoT (Internet of Things), do to avoid becoming the next victim of cybercrime?
Protecting communications infrastructure must be a critical element of any counter strategy and we can learn a lot by looking at what is done in an environment where security is of paramount concern: the airport. Here the methodologies and processes used to identify and screen passengers draw parallels with an effective security strategy for communications networks.
For example, upon arriving at the airport, your identity is checked at the check-in counter. It is the same for a network where a Network Access Control (NAC) grants a user or device access, and like the passport, the NAC depends on deploying an identity management solution. After this the focus is on the contents of your luggage. Similarly a Host Integrity Check (HIC) makes sure that for the individual devices accessing the network, anti-virus is up-to-date and any security patches are installed.
Once passed security, the passengers enter the departure area. However, not all people have equal rights and privileges. If you are a frequent flier, you may access the airport lounge, or if you are a member of the cabin crew, you will access the plane before the rest of the passengers. Security personnel can access all areas. In a network environment, User Network Profile (UPN) and service management can offer similar tiered privileges. For instance, someone working in R&D should have different access rights than a sales person.
When preparing flights, passenger luggage is sorted in a highly secure area and placed in a locked container before loading onto the aircraft to guarantee its integrity. The same principle applies in an IP network where data packets can be protected using encryption mechanisms, which is done at different levels of the network: physical level (L1), data link level (L2) or routing level (L3).
Like an airport, which deploys perimeter fences to secure its borders, a secure network deploys perimeter security measures through dynamic packet filtering in firewalls. Likewise where CCTV and video analytics software is used to detect suspicious behaviour, networks utilise Intrusion Detection Systems (IDS) andIntrusion Prevention Systems (IPS). A network’s Unified Threat Management Solution (UTM) is the equivalent of a centralised Security Control Centre.
The airport example reflects the range of security techniques used to protect a potentially vulnerable location. It is similar situation for cyber security for communications networks. This is often a daunting subject due to the high skills involved for deployment. Yet by breaking it down into understandable pieces, it is clear that deploying a secure network should no longer be reserved for the knowledgeable few, but available to everyone to ward off the very real threat of cybercrime.
To find out more about Nokia’s security solutions, click here.
Make your live experience in our Nokia Security Center, click here
– AAA: authentication, authorization, and accounting
– ACL: Access Control List
– DDOS: distributed denial-of-service
– HIC: Host Integrity Check
– IDS: Intrusion Detection System
– IPS: Intrusion Prevention Systems
– L1, L2, L3: Layer 1, 2, 3
– NAC: Network Access Control
– NGE: Network Group Encryption
– QoS: Quality of Service
– SLA: Service Level Agreement
– UPN: User Network Profile
– UTM: Unified threat management
– VLAN: Virtual Local Area Network
– VPN: Virtual Private Network
Share your thoughts on this topic by replying below – or join the Twitter discussion with @nokianetworks using #security or #cybersecurity