Story image

A/NZ firms must reconsider their approach to airgapped networks, US security expert warns

06 Apr 18

A US security expert is warning New Zealand and Australian organisations that traditional ‘airgap’ solutions are not the best approach to defending against cyber attacks.

OPSWAT senior vice president Tom Mullen has extensive experience in dealing with US critical infrastructure security.

He believes that organisations seeking the ultimate defence against cyber attacks should consider alternative approaches to airgapping, particularly as best-practice responses in airgapped network security are changing as cyber attacks escalate and technology changes.

He believes that some airgapped network implementations do not used advanced security technologies like automated data sanitisation and behavioural analysis tools.

Those organisations that lack advanced technologies can face higher than necessary costs surrounding network maintenance.

Mullen will present a panel at the upcoming ACSC conference in Australia that looks at best practices for security critical/regulated infrastructures within the United States. It looks at how nuclear power facilities use OPSWAT technology to inspect portable media as part of audits and cyber threat scanning.

“In air-gapped environments, portable media are typically used for software patching and updates, and exporting logs,” a statement says.

Mullen also says air-gapped or isolated networks can be operated more cost effectively without compromising security.

“We have customers focussed on using automation who are not processing all incoming data through physical kiosks,” he explains.

“For example, you can use private subnetworks, where everything remains connected. There are markets that expect this approach.”
 
Australian and New Zealand companies that operate airgapped networks must be aware of the risks – and this is not just limited to one region, comments emt Distribution CMO Scott Hagenus.

He believes airgapped and isolated networks are not only used by operators of critical infrastructure, defence and secure government organisations.

 “We see manufacturing, healthcare, insurance and labour hire organisations that are looking up to step up their security. Even political parties and news organisations are now setting up air-gapped or secure networks to protect their most sensitive information,” he explains.

“For example, one organisation that relies heavily on customer supplied documents via uploads, email and media had suffered repeated ransomware attacks through files submitted to their business.

OPSWAT developed a platform called MetaDefender that provides vulnerability protection. It also sanitises data through content ‘disarm and reconstruct’ technology.

It works with more than 40 anti-malware engines to organisations’ connected and air-gapped networks. The solution protects at web proxy, email, portable media and endpoint levels, covering the most commonly targeted attack surfaces.

Emt Distribution is the distributor for OPSWAT technology in New Zealand and Australia.

 “Data sanitisation solutions prevent those attacks by removing any active content, without destroying the integrity of the files,” Hagenus concludes.

JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
CERT NZ highlights rise of unauthorised access incidents
“In one case, the attacker gained access and tracked the business’s emails for at least six months. They gathered extensive knowledge of the business’s billing cycles."
Report finds GCSB in compliance with NZ rights
The Inspector-General has given the GCSB its compliance tick of approval for the fourth year in a row.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
WatchGuard appoints new channel distributors in A/NZ
The appointments will enable WatchGuard to expand its regional channel reseller footprint.