Tackling cybersecurity in the ITS sector

Kyle Stetar

June 30, 2023

It’s time for the ITS sector to re-think and modernize network security to protect against today’s cybersecurity threats.

The unsettling times of the past two years have highlighted the cracks in our IT networks for nefarious actors to rear their ugly heads and unleash a torrent of cyberattacks. In fact, a recent report indicated that cyber incidents have risen a whopping 600 percent over this dark period.

As the world settles into its new normal, industries are being challenged to re-visit their network security strategies. In the Intelligent Transportation Systems (ITS) sector that means re-thinking and modernizing network security to guard against today’s threats.

Previously, launching a cyberattack of this scale would have required significant resources only available to state actors or large organizations. However, today’s tools are more easily accessible and ready to exploit vulnerabilities. Each connection comes with a cybersecurity risk ― at some level. And as transportation becomes more connected, with vehicles that exchange information in real-time with other vehicles and with infrastructure, opportunities to take down entire transportation ecosystems will only rise. With each connected system and subsystem, and the proliferation of new technologies into transportation networks, the need for robust cybersecurity measures increases. To increase efficiency and automation, the convergence of Operational Technology (OT) and Information Technology (IT) will accelerate, and more systems will be integrated with the connected road, remotely supervised by the Operation Control Centre (OCC).

Trust no one

A solid approach to cyber defense in the transportation industry must consider the data network since that’s where most cyber exploits originate. Understanding network vulnerabilities lets IT personnel head off attacks before they can affect mission-critical systems and impact public safety. For example, if a network switch is left at the default configuration a hacker only needs to download the readily available user manual to find potential security gaps and infiltrate the system.

Additionally, IT need to consider a rules-based security strategy with a layered approach to access that ensures root users, super admins, and admin-level users are clearly defined, and that the levels of access control are consistently enforced.

A zero trust network security strategy can safeguard the organisations’ resources, as well as the network, by focusing on protecting access to the resources. Zero trust assumes attackers are already present and ready to attack — there is no implicit trust. Micro- and macro-segmentation ensures access is limited to the resources needed when the request is made. Zero trust applies multiple layers of security protection equally to every internal and external person, system, subsystem, application, and device that attempts to access the network. For example, if someone wants to connect with a camera to which they do not have access, an intelligent network switch can detect and reject that attempt. Such systems can also inspect within the packet to determine whether certain traffic is allowed. Additionally, all network resources are continuously scanned for unusual or malicious activities.

While each transportation operator’s requirements are unique, the following five elements are critical steps for assessing and implementing a security strategy:

1. Monitor: Identify data types, applications, assets, and network services to be protected

2. Validate: Assess data flows, including cloud environments and how network resources interact

3. Plan: Architect and segment the network around data types, applications, assets and services

4. Simulate: Develop and test the policies to verify they protect all network resources

5. Enforce: Continuously monitor to detect violations, remediate and strengthen the policy

Security baked-in

At Alcatel-Lucent Enterprise we are helping transport operators modernize their ITS networking vision with built-in security protection. We deliver reliable, high-level functionality, greater resilience and network security by design, even in the most challenging transportation conditions. The Alcatel-Lucent OmniSwitch® family of switches takes enterprise-grade functionality from the data centre all the way to the edge with the OmniSwitch 6865 and OmniSwitch 6465 families developed to support mission-critical applications that need to operate in extreme environments. These switches can withstand challenging indoor/outdoor, extreme heat/cold transportation environments, while intelligent software ensures reliable performance and security. Additionally, these rugged switches can be stacked to create a virtual chassis and are specifically designed for transportation and traffic control systems.

The ALE OmniSwitch family is field-proven and globally deployed across all industries. ALE products undergo real-world trials, including penetration testing to address today’s growing cyber threat. But security isn’t just about our products. A newly formed organization within ALE is working to ensure that security is integrated and managed at the organizational level. This cultural approach to security sets us apart from our competitors. From designers to developers, ALE incorporates security considerations at every level, ensuring cyber protections are intrinsic at every stage, from design through to support.

ALE’s robust networking solutions deliver the protection needed to make ITS a reality today and help transport operators evolve toward a safer, more secure tomorrow.