
How Privileged Access Management Helps Protect Critical Infrastructure Systems

May 23, 2019 | BLOG

Critical systems, or critical infrastructure, remain an unfamiliar subject to many. However, an incident in these environments can have serious economic, social, and safety consequences for the population. Services and facilities such as water supply and treatment, energy, telecommunication, transport, and other systems are defined as critical infrastructures. Because these services are essential to the population, protecting and controlling access to this type of infrastructure has drawn attention from companies and governments seeking effective measures against malicious attacks.

With the emergence of Industry 4.0, critical infrastructure environments were also automated and new technologies were integrated into their activities. Many of these critical services use proprietary and internal protocols for communication. Others, however, became computerized, connecting objects, machines, and systems through communication networks such as the Internet to control the conditions of the equipment that sustains all critical infrastructure.

ICS (Industrial Control Systems) are responsible for the integration of hardware and software with the network. This integration includes several components, among them SCADA (Supervisory Control and Data Acquisition), the most commonly used nowadays, which processes, controls, and acquires data remotely in real time. ICS systems receive alerts from different components through SCADA, which in turn collects and forwards data between devices. These devices can be, for example, sensors and thermometers, and they are also responsible for giving their operators remote management and control of the data.

Although the concepts are similar, Internet of Things (IoT) devices are connected to the Internet, while Industrial Control Systems connect physical devices and infrastructures.
However, it is worth mentioning that IoT is also present in industries and services and took part in the automation process, making it easier to use different devices by collecting data from one to another. SCADA software is able to warn about and record events and aspects that are fundamental to the operation of the systems.

Because of their importance to governments and to society, ICS and SCADA are constant targets of malicious agents, mainly terrorist groups. These agents aim to destabilize services essential to the population, which can seriously impact cities, states, or even whole nations.

In 2010, the Stuxnet virus, targeted at SCADA software, was able to stop Iranian uranium centrifuges by increasing the speed of rotation and sending false messages to other controllers that the rotation was working as it should. A more recent attack on ICS systems occurred in 2017 through the TRITON malware, which had the task of reprogramming the controllers of a petrochemical plant in Saudi Arabia to cause an explosion. Fortunately, due to an error by the malicious agent, what happened next was only a shutdown of the whole system.

Many ICS systems are legacy-based and have minimal, or in some cases no, authentication control. This lack of control allows all operators to have access to data and network components. This lack of care with authentication on such critical systems is a major risk because unauthorized access or human error can be fatal in this type of infrastructure.

To access ICS systems, attackers first invade the computers connected to the Internet, moving through the infrastructure until they find a credential that has the privileges of access to the SCADA software. This was the case with the TRITON malware, which went unnoticed in the system during its invasion through the theft of credentials.
This type of attack can take a long time to be uncovered, since the attacker blends in as any other user when performing their actions. In addition, a malicious attacker can infiltrate systems that have no authentication control, remaining there for days, months or even years without being noticed. During this time, they can collect a lot of data and even shut down a service. The consequences of such attacks can include a blackout at a power provider, or even an increase in the level of substances added in a water treatment system.

Industries, companies, government, and others operating critical infrastructure systems should be especially concerned with the unrestricted access that these technologies have within their environment. SCADA software and privileged credentials are the pots of gold an attacker wants to find during their invasion. Therefore, the focus of organizations dealing with critical infrastructure should be to make access to and use of these assets more difficult.

To apply this security practice, some tools may be essential to protect these environments. A Privileged Access Management (PAM) solution can help create access controls for sensors and other infrastructure devices, ensuring that they are not accessed improperly. A PAM solution allows the protection of ICS/SCADA via the following functionalities:
  • Credential Management – You can manage credentials in a number of environments, systems, and applications. A PAM solution allows you to define administrator users who will be granted the use of a password for physical access, and the group of users who can use the remote access offered by the solution to access a target device or system;
  • Remote Session with Recording Features – The PAM solution may allow the recording and storage of all remote sessions performed. The session video files must be stored in a secure, encrypted, and protected storage repository;
  • Indexing of input and output logs – All text inputs, in addition to the actions logged, must be indexed along with the video session time, allowing you to search for any command. In this way, you can quickly find any command executed during a remote session.
A PAM solution has features and functions that can help create a more secure and controlled environment for ICS systems. Thus, implementing this type of solution results in a more secure and protected environment in any organization that uses ICS/SCADA in its infrastructure. The result is the assurance that no suspension in key services occurs, whether from external or even internal attacks.
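
The indexing of input logs described in the list above can be pictured as an inverted index that maps each typed word to the session and the offset into its recording. The following is an added example, not code from this article or from any PAM product; the session ids, operators, hosts and commands are constructed sample data, and the function names are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample data: when each recorded session started, and what was typed.
SESSION_START = {"s-001": "2019-05-23T08:00:00", "s-002": "2019-05-23T09:30:00"}
INPUT_LOG = [  # (session id, operator, target, timestamp, typed command)
    ("s-001", "alice", "scada-hmi-01", "2019-05-23T08:00:12", "show alarms"),
    ("s-001", "alice", "scada-hmi-01", "2019-05-23T08:04:40", "set pump3 speed 80"),
    ("s-002", "bob", "plc-gw-02", "2019-05-23T09:31:05", "show config"),
    ("s-002", "bob", "plc-gw-02", "2019-05-23T09:47:30", "set pump3 speed 120"),
]

def tokenize(text):
    """Lower-case the input and split it into searchable words."""
    return re.findall(r"[a-z0-9_.-]+", text.lower())

def build_index(events, starts):
    """Map each word to the events containing it, with the offset into the video."""
    index = defaultdict(list)
    for sid, user, target, ts, cmd in events:
        delta = datetime.fromisoformat(ts) - datetime.fromisoformat(starts[sid])
        hit = {"session": sid, "user": user, "target": target,
               "offset_s": int(delta.total_seconds()), "command": cmd}
        for tok in set(tokenize(cmd)):
            index[tok].append(hit)
    return index

def search(index, query):
    """Return events whose command contains every query word, in playback order."""
    toks = tokenize(query)
    if not toks:
        return []
    hits = [h for h in index.get(toks[0], [])
            if all(t in tokenize(h["command"]) for t in toks)]
    return sorted(hits, key=lambda h: (h["session"], h["offset_s"]))

def fmt_offset(seconds):
    """Format an offset in seconds as HH:MM:SS for seeking in the recording."""
    return f"{seconds // 3600:02d}:{seconds % 3600 // 60:02d}:{seconds % 60:02d}"

if __name__ == "__main__":
    idx = build_index(INPUT_LOG, SESSION_START)
    for h in search(idx, "set pump3"):
        print(h["session"], h["user"], h["target"],
              fmt_offset(h["offset_s"]), h["command"])
```

A reviewer searching for a setpoint change gets the operator, the target and the exact point in the recording to replay, rather than having to watch each session end to end.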
