Manufacturer's Edge

Transforming Colorado One Company at a Time


Simply Cyber: Securing the Mesh

May is for mothers, mudders (go Justify!), and mesh. What?

Wireless mesh networking is—increasingly—our digital connection to the critical infrastructures that gird up (grid up?) our 21st century commercial, political, and social life. This pervasive interconnected mesh is composed of a broad range of devices that enable capabilities like virtualization, Software as a Service (SaaS), cloud computing, and Internet of Things (IoT). May 14 through 21 has been designated as Infrastructure Week (a national week of educational and advocacy events first launched in 2011). Manufacturing is one of the 16 critical infrastructures identified by the US Government, so a look at recent regulatory advice with respect to communications-related infrastructure components seems timely.

Wireless mesh networking is often ad hoc and unplanned: a convenient, cost-effective, and decentralized solution for building connections within and between manufacturing facilities, production equipment, personnel, supply chain, and customers. Cybersecurity improvement plans focus on how to secure those connections with recommended better practices about passwords, firewalls, segmented systems and credentials, selective encryption, and end-user device protection. We check the box that we’ve changed default account settings and patched the software on routers and other telecommunication systems devices. We are mindful about protecting our mobile devices from risky connections through unknown hot spots.

But what do we know about the internal, as-built, unadvertised functionality of that broad range of internetworking devices? (A: More than we knew in 2017.) What is happening at the bill of materials (BOM) level? (A: Troubling data leakage capabilities.) What steps are the US Government and technology companies taking to help manufacturers mitigate potential risks built into trusted infrastructure? Some recent steps are outlined below:

  • In February, the heads of six security-related agencies (including NSA, FBI, CIA) recommended to the US Senate Intelligence Committee that US citizens not use devices made by Chinese manufacturers Huawei and ZTE.
  • In March, the Federal Communications Commission (FCC) announced proposed legislation to restrict telecoms operators (including ISPs) from using the FCC’s $8 billion Universal Service Fund (USF) money to purchase equipment from banned vendors like Huawei and ZTE. This will affect smaller telecoms providers; AT&T, Sprint, T-Mobile, and Verizon—the big four—are already banned from using this equipment. Vulnerabilities include hidden backdoors that can allow malware injection and data exfiltration.
  • In April, Cisco recommended that its “set and forget” networking perimeter devices, such as routers and switches, be scanned to identify and remove instances of the Cisco Smart Install Client. This software protocol “can be abused to modify the TFTP server setting, exfiltrate configuration files via TFTP, modify the configuration file, replace the IOS image, and set up accounts, allowing for the execution of IOS commands,” and has been associated with attacks in various countries involving critical infrastructure. Some 168,000 systems worldwide are potentially vulnerable.
  • In early May, the Department of Defense “banned all Huawei and ZTE cellphones, personal mobile internet modems and related products from [military base exchange] locations worldwide” due to concerns about data exfiltration functionality. Mobile phones already owned by service personnel have not yet been banned, however.
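
One way to triage the Smart Install scan Cisco recommended in April, as an added example that is not from the original article or from Cisco: the script below classifies saved `show vstack config` output for each device in an inventory. The device names and captures are constructed, and the `Role: Client (SmartInstall enabled|disabled)` line format is an assumption about what the command prints on affected switches.

```python
import re

# Assumed format of the status line in `show vstack config` output.
ROLE_RE = re.compile(
    r"^\s*Role:\s*Client\s*\(SmartInstall\s+(enabled|disabled)\)", re.I | re.M
)

# Constructed sample captures, one per device, as an inventory job might save them.
SAMPLES = {
    "sw-floor1": " Role: Client (SmartInstall enabled)\n Vstack Director IP address: 0.0.0.0\n",
    "sw-floor2": " Role: Client (SmartInstall disabled)\n Vstack Director IP address: 0.0.0.0\n",
    "rtr-edge": "% Invalid input detected at '^' marker.\n",  # command not present
    "sw-lab": "",  # capture failed (timeout, bad credentials, ...)
}


def classify(vstack_output):
    """Return 'enabled', 'disabled', 'unsupported' or 'unknown' for one capture."""
    if not vstack_output or not vstack_output.strip():
        return "unknown"  # no evidence: never report this as safe
    match = ROLE_RE.search(vstack_output)
    if match:
        return match.group(1).lower()
    if "Invalid input" in vstack_output:
        return "unsupported"  # platform does not implement the vstack command
    return "unknown"


def audit(captures):
    """Group device names by Smart Install status."""
    report = {"enabled": [], "disabled": [], "unsupported": [], "unknown": []}
    for name in sorted(captures):
        report[classify(captures[name])].append(name)
    return report


def needs_action(report):
    """Devices to remediate (enabled) or re-check by hand (unknown)."""
    return report["enabled"] + report["unknown"]


if __name__ == "__main__":
    result = audit(SAMPLES)
    for status, names in result.items():
        print(f"{status:12s} {', '.join(names) or '-'}")
    print("follow up:", ", ".join(needs_action(result)))
```

On devices reported as enabled where Smart Install is not in use, the feature is turned off with the `no vstack` configuration command; devices reported as unknown need a manual check rather than an assumption that they are clean.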

The convergence of operational technologies (e.g., SCADA, CNCs, PLCs) and information technologies (e.g., routers, switches, mobile devices) across the manufacturing sector creates opportunities for efficiency—and mischief. Vulnerabilities introduced through virtual connections can compromise plant operations—more than data is at risk. The revised NIST guidelines, Framework for Improving Critical Infrastructure Security, describe these and other recommendations for mitigating risk within your wireless mesh network and other infrastructure components:

  • Validate supply chain partners. Make sure that supply chain partners are playing by acceptable rules. Beware of counterfeit or poorly manufactured products that can degrade or compromise your network.
  • Limit product add-on features. Make sure that actual product performance matches assumed product performance. Consider including cybersecurity requirements when developing your vendor selection criteria.
  • Evaluate trade-offs between convenience and risk. The easy way (e.g., Cisco’s Smart Install, accepting default features) may not be prudent, especially for systems that are stable and often relied on for background, almost invisible, functionality.

Using reasonable care in selecting, deploying, and using your infrastructure components will help you build a more secure platform on which your (probably increasing) wireless mesh traffic plays. Secure your mesh—reduce potential mess!
