SCADA Security

Networked ICS platforms and SCADA arrays are vulnerable to existing risks because of their similar dependencies on Operating Software and Systems Infrastructure. Guarding the security of SCADA and process management methods is crucial for business that operates in the Energy, Gas, Fuel, H2O and Industrial Production Sectors.

The Challenge

As Control Systems rely more on Cyber components, programmable logic control, and Computer Networks and Internet Connectivity, the risk of exposing SCADA systems to malicious threats also rises.

Automotive Manufacturers, Large Equipment Handlers, Power plants and the like rely heavily on SCADA systems and this opens another dimension in Cyber Security.

The Evolution

In recent years, there has been a tremendous increase of awareness within the International Safety Community regarding risks related to cyber-attacks to Nation’s Critical Infrastructure; Assemblies that tackles Cyber Security Awareness are vital according to Security Professionals.

Networked ICS and SCADA Techniques are vulnerable to existing risks because of their similar dependencies on Operating Software and Systems Infrastructure. Guarding the security of SCADA and process management methods is crucial for business that operates in the Energy, Gas, Fuel, H2O and Industrial Production Sectors.

At the present time, risks consist of:

  • Taking advantage of security weak points inside ICS/SCADA methods that provides attack vectors an easy access can be amended by proper techniques and methods
  • A massive escalation of the rate of recurrence of sophisticated attacks which focuses on ICS/SCADA techniques for the last couple of years (such as Stuxnet)
  • Due to feasible acquisition, ICS/SCADA methods are specific to advanced and structured organizations.

Our Offer

Amongst the global frontrunner in Cyber Security, MAROEV Cyber Solutions offer effective assistance to Global Energy and Industrial companies to safeguard their ICS/SCADA techniques and Process Management Methods.

We offer three Levels associated with ICS Protection:

  1. Top-Notch ICS And SCADA Security Consulting Experts

    , offering a close escort to plan and design how to protect your SCADA and ICS platforms, based on a vast long years lasted practical experience of protecting ICS systems, and tackling sophisticated cyber threats aimed and tailored to SCADA arrays. Our professional had crafted tactics, techniques and procedures how to:

  • Assess ICS / SCADA cyber threats. Assist you to define what types of threats are relevant to your infrastructure.
  • Design your SCADA / ICS security posture.
  • Advise you what kind of controls you should place, what kind of counter measures should you formulate, and where should you place safe guards in order to mitigate the risks your ICS infrastructure faces.
  • Validate the degree of effectiveness of the controls aforementioned.
  • Formulate your ICS/SCADA security policy.

 

  1. ICS / SCADA Security Policy Automated Compliance Solution:
    • The complex matrix of third-party vendors that need to access ICS/SCADA systems at various distributed plants require multiple penetration points through the enterprise’s perimeter. This opens vulnerabilities and a complex management headache. We simplify this process by providing a single “gate” for remote access to all assets across multiple sites.
    • The offered security solution architecture includes two agent types, the “Security Center” located at the company headquarters and “Virtual Security Agents” which are located on premises in each plant. A secure tunnel runs between the Security Center and the agents, and all communication that previously took place directly to each local plant now tunneled through the central location.
    • Central patch management – The central solution enables to roll out patches, updates and policy changes to remote locations, hence reducing the vulnerability window to both internal and external attacks. In addition, instead of each third-party vendor accessing its SCADA/ICS system through its own window, vendors enter through a single, highly monitored gateway, which increases protection of all assets throughout multiple sites. Lastly, the solution allows headquarters staff to access assets remotely to assess for cyber-attacks, and where necessary, remediate breaches from remote location control.
  2. Detection Of ICS Threats

    – Catch it before it causes serious damages.

    • Industrial intrusion detection system.
    • Creates a baseline of the normal operation
    • Monitors the control data
      1. Looks for unexpected behavior anomalies
    • Detects cyber-incidents
      1. Alerts the security team
      2. Provides forensic tools
    • Industrial IDS requires dozens of signatures for each layer
      1. Represent known cyber-threats
      2. Independent of the customer’s system
    • Behavior-based signatures:
      1. Represent process behavior patterns
      2. Are customized per-plant via an automatic learning process
    • IIDS behavior anomaly detection goes beyond just cyber security
      1. Technical Errors • Malfunction • Comms loss • Leakage
      2. Human Errors • Configuration • Installation • Procedure
      3. Cyber Attacks • Hackers • Malware • Insiders
    • Cross-Platform Intrusion Detection System
      1. Monitor SCADA protocols and ICS processes
      2. Aggregation of the data from the 2 platforms enables:
        1. Increased detection rates
        2. Higher confidence (less false positives)
        3. Unified view for cyber-incident alerts
        4. More detailed forensic analysis

 

  1. Forensics for ICS / SCADA Cyber Incidents.
    • The Baseline – Process Behavior Signature:
      1. Sensor Behavior – Discrete vs. Continuous
      2. Signal Thresholds
      3. Seasonal patterns
      4. Process Correlations
      5. Sampling Behavior
      6. Laws of Physics

 

MAROEV Critical Infrastructure Additional complimentary State Of The Art Providers

MAROEV offers and array of providers that may support your business to organize and respond to varying cyber security risks, the list of providers include:

  • Area Assessment to safeguard requirement and specifications
  • ICS/SCADA Safety Evaluation.
  • Assessment and Review of critical methods such as adjust handle, back-up, event recognition and recuperation.
  • Assessment regarding ease of access to elements that can be affected and natural disaster.
  • Assessment to recover and respond to specific cyber-attack.
  • Manage software concentrated on transmission testing.

SCADA pic 1

Industrial IDS – Behavioral Based SignaturesSCADA pic 2