Report: Cisco closes down Critical Infrastructure Assurance security research group
According to a report by the Dark Reading security portal, network equipment vendor Cisco is closing down part of its internal group focussing on global critical infrastructure security (Critical Infrastructure Assurance Group, CIAG). Apart from doing research, CIAG also conducts training and publishes "best practice" guidance. Although the group itself is to remain active, its research projects have been put on hold. This is reported to affect security projects for systems such as SCADA, VoIP networks and routing protocols such as BGP.
SCADA (Supervisory Control and Data Acquisition) systems are used in industrial plants and by energy and water suppliers for exchanging process data between a main unit (MTU) and one or several measuring terminals (RTUs). SCADA systems can also be used for calibrating nominal process values. Interrupting SCADA communication could cause processes to malfunction.
As part of its task, the research group released several tools, for example for testing the security of such systems. The tools include a SCADA honeypot which can simulate an entire SCADA network including remote terminals on one single server, and the SMART tool for visualising SCADA network communication as well as BGP and TCP test suites. According to a blog entry by Dale Peterson of Digital Bond - a company specialising in SCADA security - the members of the SCADA research team in particular are already looking for new jobs. This comes as no surprise to Peterson, who is of the opinion that Cisco considers the SCADA market to be insignificant.
However, the SCADA security sector is populated by an increasing number of small companies providing VPN and firewall security for infrastructures which may have been in existence for quite a long time. The increasingly popular practice of merging administrative and production networks allows cyber criminals to access critical systems via attacks on web servers. The biggest fear of numerous governments is that cyber terrorists could obtain access to the networks used by critical infrastructure and manipulate them to cause considerable damage.