On June 22, the "2019 China Industrial Information Security Conference" released the "white paper on the development of China's industrial information security industry (2018-2019)", in which the data showed that the market growth rate of China's industrial information security industry in 2018 reached 33.55%. It is estimated that the market growth rate will reach 19.23% in 2019, and the overall market scale will grow to 9.391 billion yuan.
This set of data confirms the reality that the traditional security protection strategy has been difficult to resist external attacks for the whole industrial chain. Even if 5g can revitalize the vitality of traditional industries, the first thing it has to pass is the security risk.
China's industrial Internet security situation is not optimistic
With the poor self-protection ability of traditional industrial control system and equipment access to the Internet, massive industrial control system and business system become the focus of network attacks.
Yang Yuyan, deputy director of the network security administration bureau of the Ministry of industry and information technology, said: "the deep integration of the Internet and industry has broken the relatively closed and reliable environment in the traditional industrial field and infiltrated the Internet security threats into the industrial field. Network attacks go straight to the production line. "
Fan yuan, chairman of Hangzhou Anheng Information Technology Co., Ltd., introduced that the biggest threat to the industrial environment is proprietary targeted malicious code, such as well-known viruses such as shock net and flame. Their attack targets are the engineering station, operator station, server and other hosts in the industrial control system, as well as DCS, PLC and other controllers. The purpose is to achieve the purpose of destroying the industrial production process and damaging the physical entity by infiltrating the control network of the field layer step by step and directly maliciously manipulating and tampering the host and field control equipment.
China's industrial Internet security situation is not optimistic. Only last year, the network security administration of the Ministry of industry and Information Technology commissioned relevant professional institutions to inspect and evaluate the security of more than 20 typical industrial enterprises and industrial Internet platform enterprises, more than 2000 security threats were found.
Wang Xiaoyun, academician of the Chinese Academy of Sciences, said: "China's industrial control system is composed of various automatic control components, and the operating environment is relatively backward. A large number of industrial control systems use private protocol communication, and lack of security design and demonstration. In most cases, security is sacrificed in exchange for stability, and security updates and maintenance are not timely. This is closely related to the level of science and technology in China, especially the inability to achieve self-control. "
First of all, guard the industrial host protection door
Industrial Internet involves many aspects of design and the whole industrial chain. China is drawing a blueprint for industrial Internet security from the perspective of policies, standards, norms and system framework.
Zuo Yingnan, vice president of Qianxin group, believes that the industrial information security must build a complete closed-loop security system in order to finally solve the problem, but the most important thing to be solved at this stage is the security protection of industrial host.
Zuo Yingnan said: "the industrial host is like the gateway to the physical world from the information world. All production control instructions and data are obtained through the industrial host and sent to specific industrial control equipment. If we guard this gateway well, we can fundamentally solve many security problems."
A very serious problem is that the blackmail virus encountered by many industrial enterprises in the past year is not the specific blackmail software for industrial control equipment. The general blackmail software has slipped into the industrial control network from the information network, and 80% of the virus sources or intrusion attack sources are imported through USB data.
Huang Min, chief technology officer of Beijing winute Technology Co., Ltd., said: "the previous industrial control system was very closed, but it did not bring the safety of the industrial control system. More than 50% of the industrial control systems operated with poison, and 100% of the industrial control systems operated with loopholes. It is impossible to change the above situation in the short term or even in the next few years, because a large number of industrial control systems need 7 × 24-hour uninterrupted operation, no chance to fix the patch in time, some unknown vulnerabilities we have not mastered
Zuo Yingnan stressed: "in the industrial environment, the replacement cost of a large number of existing equipment is very high, and the steps are very long. At the current stage, solving the safety problem of large stock of industrial equipment at a relatively low cost is the primary proposition."
Collaborative construction of industrial Internet security development environment
Industrial automation and information systems are widely used in energy, transportation, electricity, water supply and other key areas related to the national economy and people's livelihood. Once attacked, it will have a serious impact on economic and social development and the safety of people's lives and property.
Fan Yuan said: "the industrial Internet is a big stage for 5g applications. Various intelligent terminals are widely used in industrial Internet application scenarios. In the future, security will penetrate into all aspects of equipment, network, control, data and application. There is an urgent need to build an industrial Internet security development environment from the perspectives of technology, management and service. "
Chen Zhaoxiong, Vice Minister of industry and information technology, said: "in recent years, security incidents such as large-scale power outage in Venezuela's power grid and cyber attack on Ukraine's chlorine gas station have sounded an alarm for relevant industries. We must further raise our awareness of the extreme importance of industrial information security from the political perspective of safeguarding national security. "
Chen Zhaoxiong believes that the key information infrastructure is the nerve center of economic and social operation, the top priority of network security, and the target of possible major attacks.
Li Aidong, deputy director of the Network Security Coordination Bureau of the central network information office, said that in order to strengthen the security protection of key information infrastructure, we will further strengthen the supply chain and important data security management, clarify the guidance and supervision responsibilities of industry directors and regulatory departments, implement the main responsibility of operation units, and establish and improve the network security responsibility system.