Challenges

Losing control over infrastructure components can lead to serious consequences. Threats come not only from natural disasters but also from cyberattacks by terrorist groups and state-affiliated organizations. The introduction of TCP/IP protocols and the convergence of IT and OT networks, even in critical infrastructure systems, puts the security and availability of services at risk. Adversaries can exploit known or unknown vulnerabilities to take control of protection devices, IED, PLC and RTU controllers, and SCADA systems.

4tn USD

estimated losses from the four-day blackout in the USA in 2003

7

110 kV transmission lines were disconnected as a result of the cyberattack in Ukraine in 2016

61%

of companies experienced network attacks in 2018 alone

How can we help you?

We will assess the security of critical infrastructure and identify threatened areas in the following layers: SCADA systems, PLCs, RTUs, IEDs, field protection devices, network segmentation and separation. We will conduct a controlled attack on critical infrastructure assets following an approved scope and an agreed scenario. This makes it possible to assess the current level of security and to identify areas under threat, as well as the potential consequences of a cyberattack. We will help develop proper procedures and incident response methods. In particular, we offer:

Red Teaming: actions that test the readiness of teams, processes and technologies to protect critical infrastructure control systems by simulating real-world attacks that try to breach the defenses.

Threat Intelligence: proactive reduction of cyber threats in the organization by providing, in advance, information about upcoming threats.

Cybersecurity Audit: security assessment of critical infrastructure components and key organizational-layer processes to identify threats and implement corrective actions. A special case of such an audit is the examination of compliance with the Polish implementation of the NIS Directive (Ustawa o Krajowym Systemie Cyberbezpieczeństwa).

A cybersecurity audit may include penetration tests of components such as the SCADA system, operator and engineering stations, devices providing remote access, and control devices (PLC, IED, RTU) using network protocols including IEC 60870-5-104, IEC 61850, DNP3 and Modbus TCP/IP.

CBOM: analysis of third-party software components along with their versions and existing vulnerabilities, based on the source code, firmware or reverse engineering of the device itself. Security assessment and audit of non-public software components implemented by the device manufacturer.

Segmentation and separation of OT networks: network monitoring to identify key devices, and isolation of selected system components to ensure the required level of security.

Benefits

Reducing the risk of a potential cyberattack by:

an assessment of potential threats related to key critical infrastructure components
practical preparation of organizations and security teams (SOC) if a cyber attack occurs
identification and assessment of vulnerabilities in the device firmware
ongoing response to threats to the organization identified by OSINT and Threat Intelligence
supporting and monitoring network segmentation process
raising cybersecurity awareness in the organisation

Contact us - we will prepare an offer
