What is it about?
ICS and SCADA systems have now lost their characteristic technological isolation: they are increasingly interconnected with IT environments. In addition to borrowing operating systems, middleware, protocols or application components, they are also inevitably “inheriting” from them threats that were once foreign to the OT (Operational Technology) world.
Exposure to cybersecurity attacks, infections with generic malware (e.g. Wannacry) or that designed specifically for the world of industrial remote control (Industroyer or Triton to name the most famous cases made public): these are all real risks today.
They can also have serious consequences on production plants or critical infrastructures: from economic losses and image damage to even more serious scenarios.
The result is a real need, for a player active in the OT field, to proactively monitor its network as well as all the ICS / SCADA systems.
CryptoNet Labs, in partnership with Nozomi Networks, offers the SCADAguardian solution, which can:
- Monitor the status of process networks and their devices in real time; see which are the active nodes, what they interact with and also, an aspect often overlooked, decide the basis on which to proceed with any cybersecurity measure.
- Dynamically trace the phases of the industrial process, in order to detect anomalies, intrusions, infections or other security occurrences.
- Perform asset and vulnerability management in an OT environment.
All in a non-intrusive way, through the configuration of a suitable replica (switch mirroring) of the industrial remote control traffic.
Who can benefit from it
Companies that operate critical infrastructures or ICS / SCADA systems, with responsibility for security and compliance with industry standards and regulations (e.g. NIST 800-82 or NIS directive).