Which risks can be contained in the area of BCS with the use of the honeyBox®?
IT security risks don't just arise in the office environment. Malfunctions, hacking attempts and threats can also arise in the area of BCS.
Data communication in industrial automation on the basis of Ethernet and TCP/IP is increasingly causing security risks to migrate from the office to the industrial environment. As a result, security risks such as denial of service attacks, the manipulation of data and systems, or phishing can arise to an increasing degree in industrial environments. This means that production and process networks are increasingly threatened by many security risks from the area of office applications and the internet, which process IT personnel are barely able to keep track of or to limit.
Security risks in BCS
An effective BCS operates on the basis of smooth networking
Effective building automation provides smooth management, control and optimisation processes in buildings. All of the sensors, actuators and control elements, as well as the other technical systems in a building, are networked with each other. Decentralised control units are networked with each other via CAN bus. At the uppermost level of the building automation, the building control technology (BCT) manages the systems. The individual functional sequences are completed by parameters that the BCT specifies on a cross-functional basis, which simplifies the operation and/or the monitoring of the building.
Care is required: the configuration means that serious security risks can find their way into the BCT
Data communication that flows together in the BCT frequently links adjacent systems together on the basis of Ethernet and TCP/IP. The server on which the data flow together also communicates with the building automation interfaces. This networking makes it easier for security risks to migrate to the individual areas.
As a result, due to open internet connections, security risks such as denial of service attacks, the manipulation of data and systems, or phishing are gaining increasing access to networked environments in the area of building management. Networking for improved management and control doesn't only result in positive synergies; it also means that security risks can move from one segment of the network to another.
Commonplace security solutions are insufficiently sustainable
The security solutions that are frequently used, such as patch management, anti-virus protection, firewalls and IPS, are only suitable for the area of building automation to a limited degree, either because additional know-how is required or because operating the solutions is very time-consuming. This is expressed, for example, in the high level of maintenance effort that anti-virus systems require.
... and monitoring with IDS/IPS is insufficient
Companies require reliable data about the security status of their network. On the whole, this cannot be achieved with IDS/IPS. With honeypots, by contrast, it is on the whole possible to detect cases of unauthorised access.
Situation: You do not use comprehensive monitoring in your LAN. Attacks on your internal systems can, however, cause considerable damage.
Implementation: With the honeypot appliances, you rapidly gain a solution that can be used to detect internal attacks on your LAN. This makes changes to the network structure unnecessary.
The result: Through the detection and possible logging of attacks, you receive up-to-date notification on whether hackers are active in your network. If required, you can take steps to contain and analyse the attack.
Find out more about the functionality of the honeyBox® under Technology.