The Battlestar Galactica Approach to SCADA Security
Sometimes science fiction can help shape and predict real technology trends and advances. During the Cold War we saw the likes of Jerry Pournelle and Larry Niven contribute ideas to President Ronald Reagan’s “Star Wars” or Strategic Defense Initiative. It has been said more than once that trying to keep up with SDI was one of the things that helped bankrupt the Soviet Union. Of course, now we face the irony of having survived the Cold War only to have Putin come back with something that looks a lot like our Project Pluto, aka the Flying Crowbar, one of the rare weapons so horrific and ghastly that even the defense folks decided that it might be best not to build it.
Battlestar Galactica, the campy 1978 TV space opera, featured evil robots bent on the destruction of mankind. In the original series, they were rather slow and inept – in line with the state-of-the-art computing of the day (green screen, anyone?). The series was remade in most epic form in 2004, part of the vanguard of the grimdark revolution that swept entertainment, particularly science fiction and superhero material. One of the central tenets of the series is that since the enemy Cylons were robots, they would be particularly skilled at hacking and exploiting computer systems. Because of this, the battlestars, the space-based aircraft carriers used to defend humanity from the threat of Cylon extermination, were built as analog as possible to make them inherently unhackable. I suspect Sun Tzu would probably have something to say about the wisdom of avoiding playing to your enemy's strong hand.
Which brings us to the Securing Energy Infrastructure Act. Nextgov did a good job covering the story: members of the US Senate Energy and Natural Resources Committee are pushing a bill that would enable the study of better ways of defending the power grid and of mitigating and recovering from attacks, with an emphasis on investigating analog, manual but unhackable ways of managing the power grid.
Part of the inspiration for this attention to the security posture of the US electrical grid is likely the December 2015 attack on Ukraine, where hackers phished power workers with a macro-enabled Word document that provided a back door into SCADA systems, after which things went dark for hundreds of thousands of utility customers. In Ukraine, they were relatively lucky. While their SCADA systems were well hammered, they at least had manual backup systems that allowed control over the grid. In the US, we would most likely not fare so well.
So, the Galactica approach is certainly one way to go. That said, it is unlikely to work for a lot of organizations, and even in places where it might, it is going to be a hard sell. If budgets are a concern, and they almost always are, one way of getting more out of your existing investment in security infrastructure would be to deploy a security fabric using network packet brokers (NPBs). You can filter and dedupe traffic to reduce load, enable high-availability architectures and leverage the benefits of serial tool chains – and much, much more. Learn more about some of the options in our latest ebook, The ABCs of Inline Security.