Written on Modified on
Practical Cases in Enhancing Cybersecurity for Connected Serial Devices
In this article, moxa discusses the issues that industrial operators confront, as well as solutions that improve cybersecurity with minimum effort.
Industrial network security is not an option anymore—it is a necessity. A spate of recent cyberattacks targeting critical infrastructure has underscored the need for industrial leaders to prioritize cybersecurity. Needless to say, these types of cyberattacks lead to tremendous cost and inconveniences to industrial operators, investors and end-users. To make matters worse, predicting where the next cyberattack is going to strike is almost impossible, meaning that anyone or anything connected to a network can be a target.
To enhance network security, you can replace equipment with newer models that feature embedded security functionality. However, this will be costly and involve time-consuming efforts in deployment and installation. Besides, legacy equipment is most likely still in a good working condition. A more realistic option is to update the security patches of existing equipment. Unfortunately, some legacy equipment still uses legacy operating systems that do not support the latest security patches anymore—Windows XP is one such example.
Challenges to Secure Edge Networks
To improve operational efficiency, industrial operators must take advantage of the capabilities of today’s networks to realize real-time remote monitoring. However, it also means that field devices can’t be air-gapped any longer. The first challenge is connecting legacy equipment that uses RS-232/422/485 communications to a local area network (LAN) or the Internet, which uses Ethernet communications. Serial-to-Ethernet devices, for instance, serial device servers or protocol gateways depending on the application’s required transparent transmissions or protocol conversions, can connect serial-based equipment to Ethernet-based networks.
Once legacy devices are connected, security concerns unfortunately raise their ugly head, especially if the connection doesn’t have proper protection. Therefore, it’s essential to find a secure serial-to-Ethernet device that ensures secure connectivity without replacing existing serial devices.
How to Choose Secure Serial-to-Ethernet Devices
Nowadays, security standards such as IEC 62443 and NERC CIP are available to help secure network infrastructure. These security standards include guidelines that help verify qualified networking devices and component suppliers. Thus, it’s an easy way to find a secure serial-to-Ethernet device that complies with industry security standards.
Moxa is an IEC 62443-4-1 certified networking solution provider, and the security design of its serial-to-Ethernet devices is based on the IEC 62443-4-2. With security embedded functions, these serial-to-Ethernet devices enhance network security and reduce the chances of unwanted actors accessing serial equipment through Moxa devices.
Moxa's secure serial device servers and protocol gateways have helped its customers ramp up their connectivity security in a variety of industrial settings. To show how Moxa has helped its customers enhance cybersecurity, below are two real-world examples, showcasing how Moxa NPort 6150 serial devices servers and MGate MB3000 protocol gateways strengthen cybersecurity in the energy industry.
Ramping Up Connectivity Security for Gas Stations
A Moxa customer owning over 600 gas stations in the U.S. required real-time monitoring of the levels in their oil tanks with ATG (automatic tank gauge, usually with serial interfaces) to schedule inventory replenishments as needed at remote sites. They also needed data from POS terminals at gas pumps to be sent back to the store for transaction processing and records. These connectivity requirements are security sensitive. Information regarding the tank levels needs to be well secured so that it could not to be manipulated, and the POS data contains confidential information of consumers, which needs to be protected.
To enhance connectivity security, the connection between the gas station and the in-store IT room needs to be protected. In addition, to ensure the connected devices are operating at accepted security levels, IT personnel are required to execute vulnerability scans periodically to update firmware and security patches, keeping the communication systems safe.
As a solution, Moxa NPort 6150 serial device servers were installed. The servers feature basic security functions such as user authentication and accessible IP list to ramp up device security with device access control. During operations, the Moxa NPort 6150 supports a data-encryption function to enhance transmission security when sending serial data over Ethernet. To assist in daily maintenance for IT personnel, NPort 6150 serial device servers support tools that make configuration and management of devices easier.
Enhancing Cybersecurity in Data Centers
A data center service provider had been a frequent target of cyber intruders, resulting in serious data losses and significant penalties over the past five years. To reduce the chances of being hacked, cybersecurity had become a corporate-level initiative. Their security risk assessment does not focus solely on vulnerabilities in the server rooms, but also extends to all network entry points, including the power sources that supply the server rooms.
To monitor power usage and quality, the power supply equipment, including switchgears, PDUs, and UPSs, are connected to networks so that operators can receive real-time information.
Moxa MGate MB3000 protocol gateways were installed to bridge communication between serial-based Modbus RTU devices, such as power meters used inside power supply equipment, and Ethernet-based SCADA systems in the control center. Today, when IT personnel are required to perform a vulnerability scan, they scan thousands of MGate MB3000 protocol gateways so that immediate action can be taken if a vulnerability is identified.
To make IT personnel’s work easier, Moxa also performs vulnerability scans periodically and, if needed, takes necessary action, such as updating security patches and firmware to reduce potential threats. In addition, MGate MB3000 protocol gateways have an easy-to-use configuration tool in both GUI and CLI format, helping OT and IT users handle mass firmware updates. Moxa MGate MB3000 protocol gateways not only allow its customers to monitor power usage in their serial-based devices but also ease security concerns and daily operation efforts at the same time.