The United Kingdom-based global cybersecurity company introduced this week Darktrace Industrial, a new business unit dedicated to identifying emerging and existing security threats to and vulnerabilities in industrial systems and critical infrastructure networks.
A product update, Darktrace Industrial Immune System version 3, can detect silent and subtle attacks on control systems with new capabilities including:
– New mathematical techniques focused on detecting low and slow attacks
– Powerful ways to analyze and visualize ICS zone structures
– Improved detection of compliance breaches within OT environments
– Expanded support for legacy industrial systems and non-traditional IT, such as IoT
Industrial environments that rely on legacy bespoke systems, face new security challenges such as connected industrial devices, sensors, remote maintenance repair operations, and increasing connectivity to IT environments.
According to Darktrace, its self-learning approach “understands the normal ‘pattern of life’” for every operator and device without requiring agents, or knowledge of operating systems.
“Industrial control systems have long operated under ‘air-gap’ principles that assume their isolation from IT and publicly accessible networks,” according to Scott Crawford, research director for information security with 451 Research. “In reality, many are accessible from IT networks for control and integration.”
He said that as smart technologies become more integral to physical controls, their wide accessibility and connections to public networks are only likely to grow.
“This is an increasingly serious concern, considering the public and personal safety dependent on ICS, and the potential for disruption and catastrophic damage,” Crawford warned.
Introduction of the business unit is timely. Over the last few years, there have been a growing number of countries exposed to cyber attacks of various sorts. Many government agencies have raised the alarm on the vulnerability of public critical structures and networks to cyber attacks.
Recently, the U.S. government issued a rare public warning that sophisticated threat-actors are targeting energy and industrial firms. In addition, the European Union Network and Information Security (NIS) Directive introduced security requirements as legal obligations for operators providing essential services including industrial automation control systems and connected devices.
With increased digitization and the rise of the Industrial Internet of Things, the need for cybersecurity within operational environments has never been higher, according to Andrew Tsonchev, director of technology at Darktrace Industrial.
“Darktrace has a four-year investment in the Industrial Immune System, the world’s first and only proven machine learning technology capable of detecting emerging attacks on OT environments, including ‘low and slow’ attacks, and ‘unknown unknowns’,” said Tsonchev. “Darktrace Industrial will enable the accelerated adoption of this pioneering technology, which already defends some of the world’s most complex industrial control environments from nuclear plants to power grids.”
“Cyber-threats to critical infrastructure are evolving at a pace that is nearly impossible to keep up with, and coupled with the escalated international attention to ICS threats, the security of our systems is our utmost business priority,” said Michael Sherwood, director of technology and innovation for the City of Las Vegas. “Darktrace Industrial is fundamentally changing the game of ICS cyber defense – armed with its machine learning technology, we feel confident in our ability to identify the subtle and increasingly sophisticated attacks threatening our infrastructure.”
He said the Industrial Immune System’s combination of AI and visibility “heralds a new future for proactively defending OT environments.”
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…