TechnologySeptember 15, 2022

Enhancing Cybersecurity for Connected Serial Devices

To monitor power usage and quality, the power supply equipment including switchgears, PDUs, and UPSs connect to networks to allow operators to receive real-time information. .

High-profile cyberattacks targeting critical infrastructure has underlined the need for industrial organizations to prioritize cybersecurity. This article discusses the challenges industrial operators face and solutions that enhance cybersecurity with minimal effort.

Industrial network security is not a luxury option anymore — it is a necessity. A spate of high-profile cyberattacks targeting critical infrastructure has underlined the need for industrial organizations to prioritize cybersecurity.

No matter which industry you are in, potential threats are everywhere. Recent incidents include hackers shutting down a fuel pipeline and demanding millions of dollars in ransom payments, and a ransomware attack against self-service ticketing machines of a UK railway company that took the machines offline.

Needless to say, these types of cyberattacks lead to tremendous cost and inconveniences to industrial operators and their end users. To make matters worse, predicting where the next cyberattack is going to strike is almost impossible, meaning that anyone or anything connected to a network can be a target.

To enhance network security, companies can replace equipment with newer models that features embedded security functionality. However, replacing equipment will be costly and involve significant efforts in deployment and installation. Besides, legacy equipment is most likely still in a good working condition. A more realistic option is to update the security patches of existing equipment. Unfortunately, some legacy equipment still use legacy operating systems that do not support the latest security patches anymore — Windows XP being one such example. In this article, the cybersecurity experts at Moxa discuss the challenges industrial operators face and the solutions that enhance cybersecurity with minimal efforts.

Serial device servers feature basic security functions such as user authentication and accessible IP list to ramp up device security with device access control.

Serial device servers feature basic security functions such as user authentication and accessible IP list to ramp up device security with device access control.

Challenges to Secure Edge Networks

To improve operational efficiency, industrial operators must take advantage of the capabilities of today’s networks to realize real-time remote monitoring. However, it also means that field devices can’t be air-gapped any longer.

The first challenge is connecting legacy equipment that use RS-232/422/485 communications to your local area network (LAN) or the Internet, which uses Ethernet communications. Serial-to-Ethernet devices, such as serial device servers or protocol gateways depending on the application’s required transparent transmissions or protocol conversions can connect serial-based equipment to Ethernet-based networks.

Once legacy devices are connected, security concerns unfortunately raise their ugly head, especially if the connection doesn’t have proper protection. Therefore, it’s essential to find a serial-to-Ethernet device that ensures secure connectivity without replacing existing serial devices.

How to Choose a Secure Serial-to-Ethernet Device

Today’s security standards, such as IEC 62443 and NERC CIP, are available to help secure your network infrastructure. These security standards include guidelines that help verify qualified networking devices and component suppliers. Thus, it’s an easy way to find a secure serial-to-Ethernet device that complies with industry security standards. Moxa is an IEC 62443-4-1 certified networking solution provider, and the design of Moxa serial-to-Ethernet devices is based on the IEC 62443-4-2. With security embedded functions, Moxa serial-to-Ethernet devices enhance network security and reduce the chances of unwanted actors accessing serial equipment through Moxa devices.

Two Real-world Examples: Enhancing Cybersecurity

Moxa secure serial device servers and protocol gateways have helped customers ramp up their connectivity security in a variety of industrial applications. To demonstrate, here are two real-world examples showcasing how Moxa NPort 6150 serial devices servers and Moxa MGate MB3000 protocol gateways strengthen cybersecurity in the energy industry.

Problem 1: A Moxa customer with over 600 gas stations in the U.S. required real-time monitoring of the levels in their oil tanks with “ATG” — Automatic Tank Gauge, usually with serial interfaces — to schedule inventory replenishments as needed at remote sites. They also needed data from POS terminals at gas pumps to be sent back to the store for transaction processing and records. These connectivity requirements are security sensitive.
Information regarding the tank levels needs to be well secured so that it could not to be manipulated, and the POS data contains confidential information of consumers, which needs to be further protected. To enhance connectivity security, the connection between the gas station and the in-store IT room also requires protection. In addition, to ensure the connected devices are operating at accepted security levels, IT personnel are required to execute vulnerability scans periodically to update firmware and security patches, keeping the communication systems safe.

Solution: Moxa NPort 6150 serial device servers feature basic security functions such as user authentication and accessible IP list to ramp up device security with device access control. During operations, Moxa products support a data-encryption function to enhance transmission security when sending serial data over Ethernet. To make the daily maintenance easy for IT personnel, the NPort 6150 serial device servers support tools to make the configuration and management of many devices easy.

Problem 2: A data center service provider and its data centers have been frequent targets of cyber intruders, resulting in data losses and significant penalties over the past five years. To reduce the chances of being hacked, cybersecurity has become a corporate-level initiative. Security risk assessments do not focus solely on vulnerabilities in the server rooms, but also extend to all network entry points, including the power sources that supply the server rooms.

Solution: To monitor power usage and quality, the power supply equipment including switchgears, PDUs, and UPSs connect to networks to allow operators to receive real-time information. Moxa MGate MB3000 protocol gateways bridge communication between serial-based Modbus RTU devices such as power meters used inside power supply equipment and the Ethernet-based SCADA systems in the control center. When corporate IT personnel are required to perform a vulnerability scan, they can scan thousands of MGate MB3000 protocol gateways so that they can take immediate action if they identify a vulnerability.

To make IT personnel’s work easier, Moxa also performs vulnerability scans periodically and, if needed, takes necessary action, such as updating security patches and firmware to reduce potential threats. In addition, Moxa MGate MB3000 protocol gateways feature an easy-to-use configuration tool in both GUI and CLI format, helping OT and IT users easily handle mass firmware updates. Moxa MGate MB3000 protocol gateways not only allow customers to monitor power usage in their serial-based devices but also ease their security concerns and daily operation efforts at the same time.

Technical article by Moxa