The cybersecurity of industrial infrastructure

Kaspersky Lab have debuted a specialized solution to secure critical infrastructure and industrial facilities.

Kaspersky Industrial CyberSecurity delivers a unified, holistic approach to IT security for industrial facilities, combining the company’s leading technologies, services and intelligence in one unique package. The solution addresses the urgent need to comprehensively manage industrial cyber-risks and protect the continuity and integrity of systems that are vital to the economy and people’s health and welfare.

Information technologies and process automation systems are crucial to the operation of all modern industrial facilities – from power plants, refineries and assembly lines to railways, airports and smart buildings. Unlike traditional corporate IT networks, where confidentiality is the top priority, industrial control systems demand faultless continuity and consistency of the technological process. Strict regulation and compliance can lead to unprotected operating of critical facilities if the cybersecurity measures do not meet safety requirements.

Kaspersky Industrial CyberSecurity considers all these unique requirements and delivers protection to the ICS network at the layers most vulnerable to cyber-attacks – ICS/SCADA servers, HMI panels, engineering workstations, PLCs and more – securing them from cyber-threats without affecting operational continuity and consistency of the technological process.

ICS threat detection and prevention

The solution offers a combination of conventional security technologies, adapted for an ICS environment, such as anti-malware protection, whitelisting and vulnerability assessment functionality. This strong foundation is further enhanced with unique technologies designed specifically for industrial environments, including integrity check for PLC programs, semantic monitoring of process control commands and telemetry data to detect cyber-attacks targeting the physical part of an infrastructure.

Kaspersky Industrial CyberSecurity also provides a special observability mode that focuses solely on the detection of cyber-attacks, operation personnel faults and anomalies inside an industrial network. All prevention and detection technologies are managed via a single centralized management console.

Specialized security services for critical infrastructure

The Kaspersky Industrial CyberSecurity solution enables a broad range of protection to help infrastructure operators build an efficient security strategy. This means going beyond threat detection and prevention technologies by adding specialized security services to develop incident response and prediction capabilities.

An efficient approach to security always starts with industrial cybersecurity training, both for IT security professionals and general employees, aiming to target the personnel awareness gap and mitigate the risks of human error. Awareness training programs include baseline security in ICS, social attack in critical infrastructure environment and others. Expert services include cybersecurity assessment and penetration testing. These services allow customers to strengthen their own intelligence, manifest the most critical vulnerabilities, including zero-day threats, and predict cyber-threats relevant to the company’s specific industrial assets and technological processes. Incident response services delivered by our dedicated industrial cybersecurity team all around the globe will help to localize the intrusion, mitigate consequences, stop attackers from penetrating further into the infrastructure, prevent subsequent attacks on a compаny and develop an incident response plan for the future.

“Today, the cybersecurity of industrial systems and critical infrastructures is of vital importance,” said Eugene Kaspersky, CEO, Kaspersky Lab. “An increasing number of such systems are using devices and channels that interact with the outside world. Sometimes they use equipment that was never intended for external access, not to mention software that was created decades ago and has not been upgraded since! This is a very serious issue because not only is the continuity of the production process at stake, the environment and even human lives can be at risk. Our solution is capable of ensuring the cybersecurity of the technology cycle at all levels of the automated process control. We are also actively cooperating with manufacturers of automation systems in order to develop equipment that takes new cybersecurity standards and requirements into consideration.”

Meeting the strict industry requirements

The highly customizable settings of Kaspersky Industrial CyberSecurity mean it can be configured in strict accordance with the requirements of different industries, facilities and production lines, allowing the solution to be effectively integrated into an organization’s existing ICS network and technological processes without any significant modifications to the network or to the process. All of the company’s technologies are tested by and certified with leading ICS vendors. Kaspersky Industrial CyberSecurity was successfully piloted and integrated in a number of projects, including at the VARS petrochemical terminal and TANECO oil refinery giant that chose Kaspersky Lab to protect their industrial networks.

“Having analyzed the potential threats faced by hi-tech oil refineries, we opted for the Kaspersky Industrial CyberSecurity solution by Kaspersky Lab,” said Marat Gilmutdinov, head of industrial control systems department, TANECO. “It was important for us to buy more than just a security solution. We needed to put comprehensive security measures in place to protect our operations against cyberthreats at any ICS level. We also needed to work with a vendor capable of assisting with any possible issues during deployment and operation.”

“The capabilities of Kaspersky Industrial CyberSecurity exceeded all our expectations. Just months after deployment, Kaspersky Industrial CyberSecurity detected an unauthorized connection attempt by an outside laptop to one of the controllers. The attackers were attempting to modify the operation settings of a sensor,” added Gilmutdinov.

“VARS continuously monitors the evolution of the cyberthreats landscape and we realized that we were an increasingly vulnerable target for attack,” said Roman Yanukovich, SIA VARS Technical Director. “Left unprotected, an IT security breach could severely disrupt and disable our automated operations with severe implications for the port’s commercial viability, the safety of our employees, the population of the nearby town of Ventspils, not to mention the risk of potential contamination of the Baltic sea. Kaspersky Industrial CyberSecurity enables us to protect the terminal and its customers from such an attack.”

More detailed information about Kaspersky Industrial CyberSecurity is available here.