Rostelecom proposes to ban foreign smart-machines and other equipment to transfer data abroad
The infrastructure of the “industrial runet” will allow storing all information of an industrial nature in Russia
Photo: REUTERS / Ralph D. Freso
Rostelecom proposes to implement a large-scale project for the protection of technological data of Russian companies that use foreign equipment, writes Izvestia. In particular, the department warns of the danger of remote disruption of the functioning of foreign equipment operating in the Russian industry, if the control system of such equipment is located on the territory of other states. In addition, representatives of Rostelecom say, in this case, the possible withdrawal of technological information of national importance outside of Russia.
')
As for remote control of equipment from abroad, this is a fairly common practice in various industries. The fact is that a certain part of “smart” imported machine tools and other equipment comes with a number of restrictions: they cannot be disassembled, and data on their use is received by manufacturers, to whom buyers provide remote control of such systems. Due to this, manufacturers have the ability to remotely adjust or even interrupt the operation of the machine. In addition to industry, similar schemes work in the energy sector, as well as in telecommunications, mining and special vehicles. According to representatives of Rostelecom, this problem can be solved by creating a unified infrastructure of technological data with traffic localization in the territory of the Russian Federation. Access to this infrastructure should be provided to domestic regulators, control and supervisory authorities, management companies, equipment suppliers and service companies.
Andrei Dukvalov, head of the advanced technologies department at Kaspersky Lab, argues that foreign manufacturers of technological equipment used in various technological processes require access in order to provide continuous technological support to the manufacturer with the ability to make quick decisions in the event of an emergency. If the buyer refuses to provide access, the manufacturer may either refuse service support, or the manufacturer’s assistance will become very expensive, since a specialist will need to travel to solve the problems. In this case, the owner of the equipment in most cases is not aware of what traffic and in what volume goes to the service centers of manufacturers. This type of equipment is used in critical industries, including energy, oil and gas, healthcare, telecommunications, transportation systems.
As part of the proposed initiative, Rostelecom plans to introduce a monitoring and data collection system at a number of power plants where steam-gas turbines of foreign production are installed. We are talking about the installation of equipment at the power generation facility, with the organization of communication channels and their simultaneous connection to the technological data infrastructure. This infrastructure has already received a special name - “industrial Internet”. The data will be stored in the “Single Data Center”.
In case of successful implementation of the pilot project, the department proposes to equip each link of the production chains of critical industrial facilities and high-risk facilities with sensors and sensors. This will allow organizing a system of remote state supervision and reducing the number of routine inspections that are carried out on site by inspectors.
According to Rostelecom, it is necessary to legislate the concepts of “technological data”, “technological data infrastructure”, and then impose restrictions on the storage of technological data outside the Russian Federation.
Rostelecom has offered its project to create an “industrial Internet” in the framework of the working group on the use of the Internet in the domestic economy and social sphere “Internet + City”, previously formed under the Russian government. This working group includes representatives of business and government agencies, including the Ministry of Industry and Trade, the Ministry of Energy, the Ministry of Transport, and the Ministry of Communications and Mass Media. The President of the Russian Federation earlier ordered the group to form, by November 1 of this year, a list of initiatives for the introduction of domestic technologies of the “industrial Internet” and form a legal framework, which is currently being prepared by the current working group. The size of the budget has not yet announced.
The leading analyst of the Doctor Web development department, Vyacheslav Medvedev, believes that an infrastructure that is resistant to potential attacks by intruders is really needed. In addition, he believes that it is necessary to develop requirements for suppliers of software and hardware.
Medvedev says that projects are currently being implemented for remote control of equipment such as unmanned vehicles and ships, where the manufacturer can alter the characteristics of the systems or block their work.
And the Rector of Innopolis University, Alexander Tormasov, doubts the possibility of creating a unified data storage infrastructure, where separate technological data of companies operating in various fields will be collected. He believes that the equipment supplied by foreign suppliers is safe enough. The fact is that when purchasing a network system, the organization that acquired this system changes the login and password, and management rights remain only with the administrators of the customer’s company. True, there is a possibility of exploiting software vulnerabilities of such equipment. "... it happened, according to rumors, in Iraq. At the beginning of the war, all network equipment of a well-known manufacturer was turned off remotely through holes in its software. Then software vulnerabilities that were known to the manufacturer were used," Alexander Tormasov comments on the situation.
Interestingly, Rostelecom, which proposes to protect domestic customers, recently signed an agreement with Huawei, involving joint development and implementation of innovative IT and telecommunications solutions. Probably, the hardware and software of the Chinese company is completely safe.
Photo: REUTERS / Ralph D. Freso
Rostelecom proposes to implement a large-scale project for the protection of technological data of Russian companies that use foreign equipment, writes Izvestia. In particular, the department warns of the danger of remote disruption of the functioning of foreign equipment operating in the Russian industry, if the control system of such equipment is located on the territory of other states. In addition, representatives of Rostelecom say, in this case, the possible withdrawal of technological information of national importance outside of Russia.
')
As for remote control of equipment from abroad, this is a fairly common practice in various industries. The fact is that a certain part of “smart” imported machine tools and other equipment comes with a number of restrictions: they cannot be disassembled, and data on their use is received by manufacturers, to whom buyers provide remote control of such systems. Due to this, manufacturers have the ability to remotely adjust or even interrupt the operation of the machine. In addition to industry, similar schemes work in the energy sector, as well as in telecommunications, mining and special vehicles. According to representatives of Rostelecom, this problem can be solved by creating a unified infrastructure of technological data with traffic localization in the territory of the Russian Federation. Access to this infrastructure should be provided to domestic regulators, control and supervisory authorities, management companies, equipment suppliers and service companies.
Andrei Dukvalov, head of the advanced technologies department at Kaspersky Lab, argues that foreign manufacturers of technological equipment used in various technological processes require access in order to provide continuous technological support to the manufacturer with the ability to make quick decisions in the event of an emergency. If the buyer refuses to provide access, the manufacturer may either refuse service support, or the manufacturer’s assistance will become very expensive, since a specialist will need to travel to solve the problems. In this case, the owner of the equipment in most cases is not aware of what traffic and in what volume goes to the service centers of manufacturers. This type of equipment is used in critical industries, including energy, oil and gas, healthcare, telecommunications, transportation systems.
As part of the proposed initiative, Rostelecom plans to introduce a monitoring and data collection system at a number of power plants where steam-gas turbines of foreign production are installed. We are talking about the installation of equipment at the power generation facility, with the organization of communication channels and their simultaneous connection to the technological data infrastructure. This infrastructure has already received a special name - “industrial Internet”. The data will be stored in the “Single Data Center”.
In case of successful implementation of the pilot project, the department proposes to equip each link of the production chains of critical industrial facilities and high-risk facilities with sensors and sensors. This will allow organizing a system of remote state supervision and reducing the number of routine inspections that are carried out on site by inspectors.
According to Rostelecom, it is necessary to legislate the concepts of “technological data”, “technological data infrastructure”, and then impose restrictions on the storage of technological data outside the Russian Federation.
Rostelecom has offered its project to create an “industrial Internet” in the framework of the working group on the use of the Internet in the domestic economy and social sphere “Internet + City”, previously formed under the Russian government. This working group includes representatives of business and government agencies, including the Ministry of Industry and Trade, the Ministry of Energy, the Ministry of Transport, and the Ministry of Communications and Mass Media. The President of the Russian Federation earlier ordered the group to form, by November 1 of this year, a list of initiatives for the introduction of domestic technologies of the “industrial Internet” and form a legal framework, which is currently being prepared by the current working group. The size of the budget has not yet announced.
The leading analyst of the Doctor Web development department, Vyacheslav Medvedev, believes that an infrastructure that is resistant to potential attacks by intruders is really needed. In addition, he believes that it is necessary to develop requirements for suppliers of software and hardware.
Medvedev says that projects are currently being implemented for remote control of equipment such as unmanned vehicles and ships, where the manufacturer can alter the characteristics of the systems or block their work.
And the Rector of Innopolis University, Alexander Tormasov, doubts the possibility of creating a unified data storage infrastructure, where separate technological data of companies operating in various fields will be collected. He believes that the equipment supplied by foreign suppliers is safe enough. The fact is that when purchasing a network system, the organization that acquired this system changes the login and password, and management rights remain only with the administrators of the customer’s company. True, there is a possibility of exploiting software vulnerabilities of such equipment. "... it happened, according to rumors, in Iraq. At the beginning of the war, all network equipment of a well-known manufacturer was turned off remotely through holes in its software. Then software vulnerabilities that were known to the manufacturer were used," Alexander Tormasov comments on the situation.
Interestingly, Rostelecom, which proposes to protect domestic customers, recently signed an agreement with Huawei, involving joint development and implementation of innovative IT and telecommunications solutions. Probably, the hardware and software of the Chinese company is completely safe.
Source: https://habr.com/ru/post/357134/
All Articles