Is a Critical Infrastructure Network the Answer to Cyber Attacks?

After a 2015 attack on a state power company and following reports that hackers are actively targeting the U.S. power grid, policy experts and researchers are actively examining the feasibility of shifting critical infrastructure off the Internet to a separate, secured network.

The efforts, in early stages, were spurred by a recommendation made in August 2017 by the National Infrastructure Advisory Council to explore the creation of separate networks for critical infrastructure to move essential operations off the Internet. The report called for “dark fiber networks for critical control of system traffic and reserved spectrum for backup communications during emergencies.” In addition, the council recommended a private-sector-led pilot of machine-to-machine information sharing so potential cyber threats could be shared and identified more readily.

The U.S. Department of Homeland Security’s warning was hard to miss: “There is a narrow and fleeting window of opportunity before a watershed, 9/11-level cyber attack to organize effectively and take bold action,” the report stated.

Deal-Breaking Complexities

Since the NIAC’s edict, there have been a variety of efforts to explore the possibility, and the idea was the focal point of discussion at a panel at the recent RSA conference. Rob Knake, a senior research scientist in cyber security and resilience at the Global Resilience Institute at Northeastern University and chair of the panel, is heading up a multi-year project to examine the policy, management, and cost concerns associated with creating a Critical Infrastructure Network (CIN) that would move control system operations off the public Internet.

The idea, Knake says, has been kicking around for a while, but there are potentially deal-breaking complexities, not to mention the question of cost.

“The Internet was set up for the purpose of connecting academic research among a closed set of universities sponsored by DARPA, but it’s grown into something that is used for everything, including critical infrastructure, and it wasn’t designed for that,” says Knake. “Those that work in the Department of Defense or the intelligence world operate on a network that is physically and logically separated from the public Internet—a classified network with technical and legal protections. The thinking is that it may make sense to apply the model to the private sector.”

At face value, the model may seem to transfer, but there are real practicalities that stand in the way, Knake says. Government networks are managed and controlled with legal backing and governance over who has access and there are penalties for misuse.

That model doesn’t easily transfer when you begin to involve the private sector, he explains. In addition, there are the financial considerations. “To stand this up and move over to it, you have the basic question of who’s going to pay for it because it’s not likely to come cheap,” Knake says. “Also, asking competitors to collaborate on the development and use of [a CIN] is a major barrier.”

Finally, one of the biggest inhibitors is that the notion of what constitutes a network has changed. Offloading critical infrastructure to a separate network is akin to a perimeter-based security model, which doesn’t fit with the modern utility infrastructure, which is moving towards microgrids. There will also be challenges related to managing the thousands of people and third-party management that will need access to the network, which introduces the possibility of insider security risks.

“If you believe the hype at RSA, the perimeter is now dead and advanced security is all about the end points,” Knake says. “This is not an internal company network where there is a moat and castle model.”

Despite the obvious hurdles to a CIN, Knake’s group and others are moving forward with exploring the possibilities. Oakridge National Laboratory (ORNL), which is billed as the largest U.S. Department of Energy science and energy lab, has an early-stage R&D project underway to improve the nation’s critical energy infrastructure. The DarkNet project, backed by $10 million in funding, is looking at how to create a secure energy delivery control system network that uses the existing “dark fiber” of the Internet, which is the unused optical fiber. It also has a quantum physics initiative underway to develop a quantum-rooted grid security framework, which will reveal any attempt to read information in real-time, detectable changes.

“We’re looking at a proof of concept to see what it means in terms of the cost benefits,” said Peter Fuhr, distinguished scientist, director, grid security, Tech Director UAS Research Center, at ORNL, at the recent RSA panel. “The current way of doing cyber security is just not sustainable from a fiscal perspective.”

The current means of securing critical infrastructure may be under stress, but a CIN won’t fully address the primary ways critical infrastructure and industrial networks can be penetrated, notes Andrew Bochman, senior grid strategist, National & Homeland Security for the Idaho National Laboratory. Industrial networks could be infiltrated through existing business and IT systems, remote diagnostics of operational equipment, or by humans brought in for maintenance.

“Creating a CIN doesn’t erase two of the pathways—sneakerware and remote diagnostics,” he says. “Nevertheless, it’s definitely worthy of exploration.”