For most security incidents, the subsequent investigation shows that there were previously several, clearly identifiable indications that could have prevented the incident. A result that comes as a surprise.
The reason: companies often feel too secure because of incorrect assessments.
“A network firewall keeps the bad guys off my network.” Isn’t that right?
“My antivirus will detect and eliminate any virus I might get.” Right?
“My password-protected applications ensure that only authorized personnel can access my network.” Don’t they?
The bottom line: I’m completely secure!? – Wrong!
A firewall has holes to let data through: Without these holes, you would not be able to access systems or send or receive data. Antivirus programs are only good at detecting viruses they already know about. And passwords can be hacked, stolen, or read on the Post-It lying around.
Here’s the problem. You’ve used all this technical security – but all you really have is a false sense of security. In reality it looks different: If anything or anybody has a goal to get through these defenses or these intended and unintended loopholes, they will succeed. In addition, there is a whole range of little-known or unknown vulnerabilities that criminals know very well, but which they can exploit and gain access to – whether for fun, profit or malice.
A hacker will quietly change the system and create a back door so that he can come and go unnoticed at any time. A Trojan is designed to hide itself. Its actual task of collecting confidential information and secretly sending it to the source is superbly hidden. You won’t even notice it’s happening – even worse, you’ll think it’s not happening – because there is a firewall, antivirus software and passwords in the company and on the systems.
The solution: Continuous monitoring of the plant systems
Segmenting the plant networks is not enough, because this segmentation also has holes through firewalls. But with attack detection through continuous monitoring and checking for anomalies, you “see” what’s going on in your network and can act early – not just when the incident has had an impact.
IRMA, the security appliance for critical infrastructures and networked automation in production plants, offers precisely this monitoring – and thus the certainty that your systems are comprehensively protected against cyber attacks.
Don’t make it too easy for attackers – anything else would be flying blind.
All trademarks are property of the respective manufacturers or companies.
Blog article in cooperation with our partner Achtwerk GmbH: acht-werk.de