Industrial Cyber Security

We provide industrial enterprises with fault tolerance and business continuity, preventing unauthorized access to system management and technological information.

SCADA terminal node security

Industrial cybersecurity solution specifically addresses threats at operator level in ICS environments. It secures ICS/SCADA servers, HMIs and workstations from cyber threats. SCADA terminal node security has a full compatibility with industrial automation systems, such as SCADA, PLC and DCS.

The solution operates at the industrial communication protocol (Modbus, IEC stack, ISO, etc.) layer, and searches for anomalies in industrial traffic via advanced DPI (Deep Packet inspection) technology.

Threats and risks eliminated:

Unauthorized software execution
Cryptors, ransomware, malware
Unauthorized device or wireless connections
PLC programs spoof
ICS specifics — airgaps; false positives for CS software/process, etc.
Appearance of unauthorized network devices or communications on industrial network
Network attacks
Malicious PLC commands (made in error by operator, due to fraud actions or malware)

ICS Security Assessment

The Industrial Control Systems (ICS) Security Assessment delivers a comprehensive evaluation of an ICS security program and a technical review of your ICS architecture. The results lie at the core of a strategic roadmap for improving the security of your ICS and SCADA systems.

Our experts can analyze industrial control systems of any industry: power generation and transmission, transportation systems, oil and gas production, mining operations, and many others. Depending on infrastructure and needs, we may use different security assessment approaches.

As a result of the ICS security assessment service, various vulnerabilities leading to obtaining unauthorized access to critical network components may be identified, including:

Insufficient physical security of ICS equipment
Vulnerable network architecture, insufficient network protection (including flaws in separation of the ICS network from other networks)
Vulnerabilities leading to network traffic interception and redirection (including ones in industrial communication protocols)
Vulnerabilities in ICS components, such as SCADA, PLCs, smart meters, etc.
Insufficient authentication and authorization in various services
Weak user credentials
Configuration flaws, including excessive user privileges, as well as non-compliance with security standards and vendors’ recommendations
Vulnerabilities in communications between the analyzed ICS and other systems (through a MES etc.)
Vulnerabilities caused by errors in applications’ code (code injections, path traversal, client-side vulnerabilities, etc.)
Vulnerabilities caused by using outdated hardware and software versions without the latest security updates
Information disclosure

Penetration Testing

Simulates various types of intruders upon your choice, the goal of which is to elevate the current privileges and access the ICS environment.

ICS Infrastructure Security Assessment

White-box security assessment, during which we will analyze technical ICS documentation, have interviews with ICS personnel, analyze industrial systems and protocols in use, and perform comprehensive technological audit of ICS components in the production environment.

ICS Solution Security Assessment

A deep security research of software and hardware ICS solutions in the test environment to look for new vulnerabilities, followed by pre-approved tests demonstrated on the real system.