A/NZ firms must reconsider their approach to airgapped networks, US security expert warns
A US security expert is warning New Zealand and Australian organisations that traditional ‘airgap’ solutions are not the best approach to defending against cyber attacks.
OPSWAT senior vice president Tom Mullen has extensive experience in dealing with US critical infrastructure security.
He believes that organisations seeking the ultimate defence against cyber attacks should consider alternative approaches to airgapping, particularly as best-practice responses in airgapped network security are changing as cyber attacks escalate and technology changes.
He believes that some airgapped network implementations do not used advanced security technologies like automated data sanitisation and behavioural analysis tools.
Those organisations that lack advanced technologies can face higher than necessary costs surrounding network maintenance.
Mullen will present a panel at the upcoming ACSC conference in Australia that looks at best practices for security critical/regulated infrastructures within the United States. It looks at how nuclear power facilities use OPSWAT technology to inspect portable media as part of audits and cyber threat scanning.
“In air-gapped environments, portable media are typically used for software patching and updates, and exporting logs,” a statement says.
Mullen also says air-gapped or isolated networks can be operated more cost effectively without compromising security.
“We have customers focussed on using automation who are not processing all incoming data through physical kiosks,” he explains.
“For example, you can use private subnetworks, where everything remains connected. There are markets that expect this approach.” Australian and New Zealand companies that operate airgapped networks must be aware of the risks – and this is not just limited to one region, comments emt Distribution CMO Scott Hagenus.
He believes airgapped and isolated networks are not only used by operators of critical infrastructure, defence and secure government organisations.
“We see manufacturing, healthcare, insurance and labour hire organisations that are looking up to step up their security. Even political parties and news organisations are now setting up air-gapped or secure networks to protect their most sensitive information,” he explains.
“For example, one organisation that relies heavily on customer supplied documents via uploads, email and media had suffered repeated ransomware attacks through files submitted to their business.
OPSWAT developed a platform called MetaDefender that provides vulnerability protection. It also sanitises data through content ‘disarm and reconstruct’ technology.
It works with more than 40 anti-malware engines to organisations’ connected and air-gapped networks. The solution protects at web proxy, email, portable media and endpoint levels, covering the most commonly targeted attack surfaces.
Emt Distribution is the distributor for OPSWAT technology in New Zealand and Australia.
“Data sanitisation solutions prevent those attacks by removing any active content, without destroying the integrity of the files,” Hagenus concludes.