It is obvious that the infrastructures of sectors such as industry, transport, health or utilities, among others, are essential and play a very important role in the availability of services and in maintaining the safety of citizens. Despite this, in recent years, they have become a target for cybercriminals, who act with increasing precision.
No doubt. The infrastructures reviews are vital. However, despite its strategic importance, there is still a lack of digital and cybersecurity maturity, not to mention the increasing interconnection between IT and OT networks. In this way, in recent years we have seen major attacks directed against these critical infrastructures and services that have been evolving, from ransomware, DDoS attacks, APTs, to the use of advanced modular malware that takes advantage of vulnerabilities in industrial protocols, and that do not include a cybersecurity dimension or provide any authentication or encryption mechanism.
Critical infrastructures are vital. However, despite its strategic importance, there is still a lack of digital maturity
Faced with such a profusion of attacks and due to the risk that a stop in production could entail for the population, a suspension in the flow of vital supplies, the loss of vital data or a disruption of health services, its protection is imperative, so it is necessary to have mechanisms and countermeasures to protect critical systems. Thus, and in addition to protecting data and computer security, it is crucial not to neglect the network infrastructure, which is highly subject to ransomware attacks, or the workstations, often equipped with obsolete operating systems.
Proactive security solutions
In response to these requirements, Stormshield has Stormshield Network Security (SNS), a consistent security solution that guarantees network availability in the event of a failure, protects industrial protocols (Modbus, OPC, etc.), filters and delimits information flows between the IT network and OT and control them between the installation and the outside. SNS is a complete range of network security solutions including two hardened teams (SNi40 and SNi20) for environments with high restrictions and that require always maintaining connectivity, and a centralized management solution, Stormshield Management Center, for centralized management of multiple distributed SNS solutions.
Beyond the networks, it is also inescapable to secure the entire chain, from workstations and various other devices to all data. Stormshield Endpoint Security (SES) detects any illegitimate process and adds detection and response capabilities to find out how the attempted attack occurred, securing endpoints. SES does not depend on signature databases or any other type of intelligence in the cloud that requires a connection from the workstation to the outside, so it offers optimal security conditions for disconnected environments (workstations), and protects outdated operating systems such as Windows XP™.
For its part, an encryption solution such as Stormshield Data Security (SDS) secures the data, even in the event of an exfiltration. As the data is encrypted, the cybercriminal would only take cryptological garbage.
Threats to critical infrastructure are out there and businesses must arm themselves to stop them. It is useless to hide behind obsolete technologies, random variables or false mirages. To be up to the task and face an uncontrolled and multiform threat, it is necessary to go one step further: it is no longer a matter of knowing if a certain infrastructure will be attacked, but rather, of knowing when the attack will occur. The key is to be prepared.
George is Digismak’s reported cum editor with 13 years of experience in Journalism