Story image

A/NZ firms must reconsider their approach to airgapped networks, US security expert warns

06 Apr 2018

A US security expert is warning New Zealand and Australian organisations that traditional ‘airgap’ solutions are not the best approach to defending against cyber attacks.

OPSWAT senior vice president Tom Mullen has extensive experience in dealing with US critical infrastructure security.

He believes that organisations seeking the ultimate defence against cyber attacks should consider alternative approaches to airgapping, particularly as best-practice responses in airgapped network security are changing as cyber attacks escalate and technology changes.

He believes that some airgapped network implementations do not used advanced security technologies like automated data sanitisation and behavioural analysis tools.

Those organisations that lack advanced technologies can face higher than necessary costs surrounding network maintenance.

Mullen will present a panel at the upcoming ACSC conference in Australia that looks at best practices for security critical/regulated infrastructures within the United States. It looks at how nuclear power facilities use OPSWAT technology to inspect portable media as part of audits and cyber threat scanning.

“In air-gapped environments, portable media are typically used for software patching and updates, and exporting logs,” a statement says.

Mullen also says air-gapped or isolated networks can be operated more cost effectively without compromising security.

“We have customers focussed on using automation who are not processing all incoming data through physical kiosks,” he explains.

“For example, you can use private subnetworks, where everything remains connected. There are markets that expect this approach.”
 
Australian and New Zealand companies that operate airgapped networks must be aware of the risks – and this is not just limited to one region, comments emt Distribution CMO Scott Hagenus.

He believes airgapped and isolated networks are not only used by operators of critical infrastructure, defence and secure government organisations.

 “We see manufacturing, healthcare, insurance and labour hire organisations that are looking up to step up their security. Even political parties and news organisations are now setting up air-gapped or secure networks to protect their most sensitive information,” he explains.

“For example, one organisation that relies heavily on customer supplied documents via uploads, email and media had suffered repeated ransomware attacks through files submitted to their business.

OPSWAT developed a platform called MetaDefender that provides vulnerability protection. It also sanitises data through content ‘disarm and reconstruct’ technology.

It works with more than 40 anti-malware engines to organisations’ connected and air-gapped networks. The solution protects at web proxy, email, portable media and endpoint levels, covering the most commonly targeted attack surfaces.

Emt Distribution is the distributor for OPSWAT technology in New Zealand and Australia.

 “Data sanitisation solutions prevent those attacks by removing any active content, without destroying the integrity of the files,” Hagenus concludes.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.