Outdated industrial technologies generally have little or no security, which makes the elements of a factory's operation one of the main targets of cyber attacks. The attacks are increasingly advanced, without alarm, without trace, precise and and often personalized with specific codes. Invasions to automation networks have become a big deal for hacker activity so much so that there are already books teaching how to attack an industrial network.
On the one hand, the invaders are improving, on the other we see companies with employees increasingly connected to the Internet, using their personal devices to access the company's infrastructure, clicking on links of unknown origin at their workstation or accessing their networks through the corporate network.
Insiders today are primarily responsible for the internal threat to the company's systems. Insider Threat research shows that 55% of incidents started are due to abuse of privileges and 77% of respondents admitted having access to data they should not have.
Be it an employee, former employee, outsourcers or business partners they usually have accounts that give them legitimate access to the systems and have information that can be used to promote cyber attacks by others.
For Thiago Branquinho, CTO of TI Safe, business security can increase if people's safety increases. "Offering antimalware licenses for employees to use on their home devices can be an interesting thing, for example. Even if companies do not have control over these devices, at least they will be contributing to a more secure environment. This also includes, for example, the right to use the Microsoft office of the company at home. This reduces the risks of piracy, therefore, of infection. If a company wants, in fact, to raise cybersecurity maturity, it needs to offer the employee a new security mindset. "
According to Symantec, attacks from the TO (operating technology) environment are initiated through removable media such as USB device.
Malware infection and other types of attacks on Industrial Control System (ICS) features can have serious consequences such as information theft, production stoppage, invalid programming sent to controllers, and display of invalid data for operations.
During the workshop held in Rio de Janeiro, in partnership with TI Safe, Symantec general manager Kunal Agarwal presented the USB Scanning Station, a sanitization station for USB drives. A physical appliance scans the USB for infectious malware and cleans it, if any. The imposition driver validates the media when inserted into the USB port. The Symantec Malware Cleaner is used to clean a target system in case of a previous infection.
ICSP has advanced machine learning capabilities, with a trained model in more than 7 trillion data points; file reputation analysis; quickly identifies custom polymorphic hidden malware and can work in conjunction with CSP, a compact behavioral security mechanism that provides security for IoT devices.