Security experts: Critical Infrastructure networks cannot be effectively protected

Physical intrusion, malicious it, and lack of good defense technologies make it difficult to effectively protect critical infrastructure networks.

According to some security experts, helping water supply facilities, power plants and manufacturing operate and manage critical infrastructure networks is more vulnerable to a series of different threats than most information technology systems, it is difficult to defend against certain types of attacks.

"For information security management personnel, they only need to worry about malware, vulnerabilities, and external attackers, while operating technology (OT) security management personnel must be more worried about physical intrusion, malicious employees, and internal security boundaries built by unauthorized information technology ". Michael Phillips, head of corporate information security at centerpoint energy, said during the RSA Security Conference in San Francisco.

Most Critical Infrastructure networks are trying to isolate it from ot for independent operations. "In a typical ot Environment, Physical access is still a greater risk for us ." Phillips said.

The security of critical infrastructure has become a major problem facing countries. Previous cybercriminals and hackers used the Stuxnet worm to launch attacks against Iran's nuclear facility, which has shown the world its ability to attack Industrial Control Systems (ICS.

Since then, security researchers have been increasingly concentrated in the use of popular monitoring and control protocols to find technical vulnerabilities, known as supervisory control and data collection, or SCADA. In 2013, more than 20 SCADA vulnerabilities were discovered and reported to HP's zero day rewards program, two times that of the previous year.

Through phishing emails, attackers have a 18% success rate of entering the company's critical infrastructure. On average, they only need 2 to obtain the key domain controllers on the IT network? 4 hours.

At the RSA Conference, many security vendors were promoting their latest defense technologies. "Most of these products are not suitable for industrial control and operation environments. Because most security products are designed for information networks rather than operation networks ." Scott Saunders, information security officer of Sacramento, informed attendees. "They seem to be very powerful, but the environment we face is not connected to it environments with traditional malware. We can detect traditional malware, but we can never detect anything in our system environment ."