14 DAY TRIAL // With the number of attacks on industrial systems growing at a rapid pace, Kaspersky announced last week the launch of a new cyber-security solution aimed at Industrial Control Systems (ICS).
ICS/SCADA (Industrial Control Systems/Supervisory Control And Data Acquisition) is the equipment responsible for interconnecting a factory's actual equipment with its IT network. These systems are integrated at the lowest level with various industrial components, and besides data acquisition, some of them have control over the device itself.
ICS/SCADA hacks are extremely dangerous, even life-threatening
Attacks that penetrate networks, search for these type of equipment, and damage its normal mode of operation have started to grow in number in recent months, especially after an incident in Ukraine that left large portions of the country without electrical power on Christmas Eve.
Researchers also showed that hackers could damage railway systems, nuclear power plants, oil and gas companies, and various other types of SCADA equipment.
Additionally, there was also the accidental hack of a water supply station and a New York dam in 2013 that showed that even random hacks can wreak havoc if SCADA equipment parameters are modified, even by mistake.
Security software for ICS/SCADA gear
It so is of great importance that manufacturers protect SCADA equipment. Unfortunately, outside of isolating these devices off the Internet, until now, there hasn't been any better solution.
Unfortunately, not all SCADA equipment is built to function in an offline mode, and in some cases, they need to have an Internet connection in some configuration or another.
It's this type of network setups that Kaspersky now wants to protect with its Industrial CyberSecurity product. Kaspersky's new tool was built from the get-go to protect ICS/SCADA servers, HMI panels, engineering workstations, PLCs, and other similar devices.
Built on conventional security technologies such as anti-malware protection, whitelisting and vulnerability assessment, Industrial CyberSecurity also features integrity check for PLC programs, semantic monitoring of process control commands, and telemetry data to detect cyber-attacks targeting the physical part of an infrastructure.
Besides this, the product also comes with something called "observability mode." This mode of operation focuses only on the detection of cyber-attacks, operation personnel faults, and anomalies inside an industrial network, alerting human operators, who can then decide what the best way to react is.
