It is obvious that the infrastructures of sectors such as industry, transport, health or utilities, among others, are essential and play a very important role in the availability of services and in maintaining the safety of citizens. Despite this, in recent years, they have become a target for cybercriminals, who act with increasing precision.
No doubt. Critical infrastructures are vital. However, despite its strategic importance, there is still a lack of digital and cybersecurity maturity, not to mention the increasing interconnection between IT and OT networks. In this way, in recent years we have seen major attacks directed against these critical infrastructures and services that have been evolving, from ransomware, DDoS attacks, APTs, to the use of advanced modular malware that takes advantage of vulnerabilities in industrial protocols, and that do not include a cybersecurity dimension or provide any authentication or encryption mechanism.
Critical infrastructures are vital. However, despite its strategic importance, there is still a lack of digital maturity
Faced with such a profusion of attacks and due to the risk that a stoppage of production, a suspension in the flow of vital supplies, the loss of vital data or an alteration of health services could entail for the population, its protection is imperative, therefore that it is necessary to have mechanisms and countermeasures to protect critical systems. Thus, and in addition to protecting data and computer security, it is crucial not to neglect the network infrastructure, which is highly subject to ransomware attacks, or the workstations, often equipped with obsolete operating systems.
Proactive security solutions
In response to these requirements, Stormshield has Stormshield Network Security (SNS), a consistent security solution that ensures network availability in the event of a failure, protects industrial protocols (Modbus, OPC, etc.), filters and delimits information flows between the IT and OT network and control them between the installation and the outside. SNS is a complete range of network security solutions including two hardened devices (SNi40 and SNi20) for environments with high restrictions and that require always maintain connectivity, and a centralized management solution, Stormshield Management Center, for the management centralization of multiple distributed SNS solutions.
Beyond the networks, it is also inescapable to secure the entire chain, from workstations and various other devices to all data. Stormshield Endpoint Security (SES) detects any illegitimate process and adds detection and response capabilities to find out how the attempted attack occurred, securing endpoints. SES does not depend on signature databases or other types of intelligence in the cloud that require a connection from the workstation to the outside, therefore it offers the optimal security conditions for disconnected environments (workstations), and protects outdated operating systems such as Windows XP™.
For its part, an encryption solution such as Stormshield Data Security (SDS) secures the data, even in the event of an exfiltration. As the data is encrypted, the cybercriminal would only take cryptological garbage.
Threats to critical infrastructure are out there and businesses must arm themselves to stop them. It is useless to hide behind obsolete technologies, random variables or false mirages. To be up to the task and face an uncontrolled and multiform threat, it is necessary to go one step further: it is no longer a matter of knowing if a certain infrastructure will be attacked, but rather, of knowing when the attack will occur. The key is to be prepared.
George is Digismak’s reported cum editor with 13 years of experience in Journalism