Editor’s Note: Thanks to Tim Senkbeil, a product manager with Belden’s Lumberg Automation brand, for his contribution to this article.
In the last several years, many industrial-based businesses – such as food and beverage, oil and gas, power utilities, manufacturing, pharmaceutical, cosmetics and others – have focused on improving their financial standing by investing in sensor-laden automated systems that maximize productivity and streamline production.
By embedding connectivity into their industrial equipment, managers are able to monitor system performance and ensure their facility is consistently performing at a high level.
As these connected systems become more critical to businesses’ success, the need to prevent equipment failure and unplanned downtime becomes even more important than usual. If a cord set fails in an industrial setting, the losses can quickly put a major dent in overall profitability.
Repair and labor costs, as well as the costs of lost productivity and discarded materials, can add up to 15-20 times the cost of the component itself. In certain industries, a single hour of unplanned downtime can cost $20,000 – $30,000.
With thousands of dollars, as well as the physical well-being of employees and equipment at stake, businesses in industrial settings need to ensure that the cord sets used to enable connected and automated systems can withstand the extreme, hazardous conditions they’re exposed to.
The age of malware specifically targeting industrial control systems (ICS) began in 2010 when Stuxnet was revealed to be disrupting operations at one of Iran’s nuclear enrichment facilities. Since that shock, we have seen advanced malware, such as Flame and Duqu target energy companies for espionage purposes. We have also seen the unsophisticated, but highly effective, Shamoon malware massively infiltrate Saudi Aramco .
Today, I want to let you know about a new malware, coined as coming from the “Dragonfly hacking group” by Symantec. It indicates a modis operandi on the level of Stuxnet in terms of technical brilliance and strategic execution.
Aimed at energy companies, it has at least three different attack mechanisms, including taking over the software download sites at trusted ICS/SCADA suppliers. The download packages look legitimate (since they come from trusted suppliers), but when the unsuspecting user installs them on their control system, the malware comes to life.
What does this have to do with everyday ICS and SCADA security? It is yet another example of targeted attacks of organizations in the energy sector. If you are in the energy sector, or your business relies on it, you may need to factor this type of cyber threat into your security risk assessments.
Let’s take a look at Dragonfly in more detail and see what we can learn from it.
RATs (Remote Access Tools) are key components of the Dragonfly malware.
Image Credits: The Quinton Report and The Dragonfly Woman
Editor’s Note: Thanks to Peter Cox, cable expert, and a Project Manager in Belden’s Industrial IT group, for his contribution to this article.
From subsea drilling 6,000 feet below the surface to pipelines that cross many landscapes to intense refining processes, the range of conditions for oil and gas installations is very broad. As a design engineer, you may be involved with many types of projects with very different requirements. How then do you approach selecting the right cable for an oil and gas application?
But won’t any cable do? Certainly not! Cable issues account for more than 70% of signal transmission issues and they are difficult to diagnose and resolve. With downtime costing thousands of dollars per hour, availability requirements demand that the right cable is specified for each use.
The good news is that despite the broad range of oil and gas applications many of them share common cable requirements. In this article I take away the voodoo and spell out the 3 easy steps to selecting the right cable.
Figure 1: These drill rigs are an example of “harsher” environment for cable use.
Image Credit: EDI Weekly Read more
This week we have a post from a guest blogger! Greg Deitz is a Networking Cable Product Manager for Belden.
Frequently squeezed and bent during installation and routinely manipulated by IT personnel, patch cords are often viewed as one of the most replaceable, commoditized components in the data center.
But as the primary connection for servers in the data center and switches in the LAN, patch cords are the front line of defense against downtime.
Since a cable channel is only as good as the weakest link, you might want to give your patch cords a little more attention. Read more
We all know that water in an electrical system is bad news. And we do our best to keep it out by specifying waterproof cable and connectors, and following industry best practices for installation and maintenance.
So, what if water does get into a coaxial radio frequency (RF) network? Unfortunately, its presence is not always obvious and its impact can be elusive and difficult to manage. Here are some tips to help you trouble-shoot a persistent moisture problem:
Know your risks
Water doesn’t often enter your cable or connector in the ways you may expect. Read more
When I started Tofino Security in 2006, my two goals were to make industrial cyber security easy to deploy and better suited for the real needs of mission critical networks. Our first generation products went a long way in doing that, but like any initial offerings they reflected a limited feedback loop from users in the field.
Today I am proud to say that we have integrated lessons learned over the last eight years to deliver Tofino 2.0, our next generation of industrial cyber security solutions.
Tofino 2.0 is a suite of products and services that includes:
- A new set of security appliances—the Tofino Xenon product line
- A new software tool—the Tofino Configurator 2.0
- A new Deep Packet Inspection Loadable Security Module (LSM)—the Tofino EtherNet/IP Enforcer
All products are now integrated with online licensing systems, plus made-to-order manufacturing. I believe this combination makes it extremely easy for control systems professionals to deploy ready-to-go cyber security solutions that work.
While normally my articles are designed to help educate you on industrial security topics, I hope my enthusiasm for Tofino 2.0 will convince you to read further and find out how this new generation makes implementing security on the plant floor both flexible and simple.
Introducing our new Tofino Xenon family of state-of-the-art security appliances
Everybody these days seems to be talking about software defined networking (SDN) and what it means for the future of data centers.
While giants like Google and Amazon are already using some form of SDN, others are just starting to experiment with the technology. While there’s no doubt that SDN will eventually make its way from larger hyperscale data centers and cloud service providers to the enterprise, I believe we are still at least a year away from any significant adoption.
While you might not be ready for SDN today, getting a handle on the benefits and considerations can help prepare you for the inevitable.
What Is It?
In simplest terms, SDN is a centralized method of controlling the way that switches handle traffic in the data center. Typically switches move data packets from their input to their output (forwarding) and they determine how those packets should be moved (control). Read more
Editor’s Note: This week we have a post from a guest blogger! Greg Deitz is a networking cable product manager for Belden.
Last month, Paul Kish blogged about counterfeit cable and connectivity, the risks and how to identify these subpar components. As stated in that blog, purchasing well-known brands of cable and connectivity from reputable manufacturers like us is the best protection against counterfeit components.
Purchasing Belden cable is also the best protection against copper clad aluminum (CCA) cables, which unfortunately have become a growing problem in the market.
What is CCA?
Composed of an inner aluminum core and outer copper cladding, CCA cables are often used for voice coils in headphones or loudspeakers, as well as for some RF and bonding and grounding applications.
Significantly lighter than pure copper and yet stronger than pure aluminum, CCA cables have been used for some electrical applications to avoid issues inherent with aluminum wire connections and also because they are less expensive than pure copper. Unfortunately, CCA cables have also become a cheap replacement for category twisted-pair communications cables, but they should not be deployed in a network infrastructure. CCA cables are not compliant with UL and TIA standards, both of which required solid or stranded copper conductors.
What are the Concerns?
First of all, CCA cables have poor flexibility that can cause breakage. Read more
Supported by both TIA commercial and data center standards, fiber zone cabling has been around for a while as a viable means for improving manageability, flexibility, scalability and security in a variety of applications—from the casino floor to the data center.
Let’s take another look at the practice of fiber zone cabling and its benefits, applications and considerations.
Active in the Horizontal
In the horizontal space, fiber zone cabling logically places connectivity to support a group of devices or work areas. Rather than deploying multiple long home-run copper cables from the closet to each device, active zones involve fewer runs of fiber from the closet to a switch in the zone and then shorter runs of copper that extend from the switch to each device.
Where might we see this deployed? Think of an open office with various work areas or cubicles segregated by department or function, a casino floor with several zones or pods of slot machines, or even a stadium with point-of-sale (POS) machines in one area to support food and beverage vendors.
With the increase in consolidation, intensive virtualization and outsourcing, the traditional data center environment with common brand-name equipment and conventional architectures is quickly shifting to the “hyperscale” data center of tomorrow.
These hyperscale data centers put the demand for customization on the rise. Let’s take a look at this trend worth watching.
The White Box Affect
Typically associated with cloud computing and the super data centers owned by the likes of Facebook, Google and Amazon, hyperscale computing environments often encompass millions of stripped-down virtual servers that are customized for specific needs.
One obvious indicator of this customization is the growth over the past few years of the ODM (Original Design Manufacturers) server market and the decline among big server vendors like Dell, HP and Lenova, as well as IBM’s recent decision to get out of the server market altogether—collectively something I refer to as the “white box affect.”