ICS Information Security: from Theory to Practice
According to CNews Magazine, at year-end 2015, damages to domestic economy caused by cybercrimes amounted to more than 200 billion rubles which made 0.25% of Russia’s GDP. As noted by experts, industrial enterprises are attacked with increasing frequency. This trend is worrisome, and not only for enterprises but also for manufacturers of ICS security solutions.
In Khabarovsk, a Workshop dedicated to the issues of ICS cybersecurity took place. Experts from ICL-KME CS, Check Point and Kaspersky Lab, as well as representatives of large industrial enterprises from Far Eastern Federal District participated in it.
Experts from Kaspersky Lab attracted the participants’ attention to the peculiarities of cyber defense process as applied to ICS. In their words, more than a half of intruder attacks are aimed at enterprises of fuel and energy complex, and malicious software is the most common cause of ICS cybersecurity violation. Sometimes targeted attacks are not discovered and prevented immediately, some of them manifest themselves only after a long period. That is why it is so important to use efficient solutions for ICS cybersecurity, especially in case of mission-critical objects. The Workshop participants got acquainted with Kaspersky Industrial CyberSecurity — a brand new line of solutions designed for protection of ICS technological networks and security of technology. Though these products have appeared in the market rather recently, they are already successfully tested and implemented in several pilot projects.
Ilya Petrov, an information security expert from ICL-KME CS, pursued the subject of practical application of industrial cybersecurity solutions. He gave the audience a real life example of conducting an audit of ICS information security in a large oil refinery plant.
Within the Workshop, Check Point, a company specializing in network security, presented its know-hows in ICS security. Specifically, 1200R, a new hardware security gateway, has been added this summer to the company’s product line. Due to the increased safety margin it is designed to be used in extreme conditions typical for industrial facilities and has functionality to analyze industrial protocols being used in ICS technological network.
It should be noted that ICL-KME CS, Check Point and Kaspersky Lab continuously cooperate and regularly hold similar workshops in different cities of Russia. They are also planning to present their work results at the jubilee ITSF Forum that will take place in Kazan in May.
“The main objectives of work were: determination of the current cybersecurity level and development of the priority areas for ICS information security upgrade in compliance with the Order of FSTEC (Federal Service for Technology and Export Control) of Russia No 31,” he comments. “Within the project, ICS security analysis was carried out using special tools which made it possible to detect actual vulnerabilities and cyber threats to ICS systems. Basing on the results of the project ICL-KME CS specialists managed to detect objects that were not sufficiently protected and could become potential targets for intruder attacks. They also elaborated recommendations on security upgrade and on priority measures for information protection.”