Challenges

The loss of control over infrastructure assets can lead to severe consequences. The sources of threats are not only natural disasters but also cyber attacks by terrorist groups and state organisations. The introduction of TCP/IP protocols and the penetration of IT and OT networks, even in critical infrastructure systems pose a threat to security and the availability of services. Adversaries may use known or unknown vulnerabilities to take control of protection devices, IEDs, PLCs, RTUs, and SCADA systems.

4tn USD

estimated losses on four-day blackout in the USA in 2003

7

110kV transmission lines were disconnected as a result of the cyber attack in Ukraine in 2016

61%

companies experienced network attacks only in 2018

How can we help?

We will assess the security of critical infrastructure and identify threatened areas in the following layers: SCADA systems, PLCs, RTUs, IEDs, field protection devices, network segmentation and separation. We will conduct a controlled attack on critical infrastructure assets following an approved scope and an agreed scenario. This will allow to assess the current level of security and identify areas under threat, as well as the potential consequences of a cyberattack. We will help develop proper procedures and incident response methods. In particular, we offer:

Red Teaming: actions that allow testing of teams, processes and technologies readiness to protect critical infrastructure control systems, by simulating real-world attacks trying to breach the defenses.

Threat Intelligence: proactive reduction of cyber threats in the organization by providing, in advance, information about upcoming threats.

Cybersecurity Audit: security assessment of critical infrastructure components, key organizational layer processes to identify threats, and implement corrective actions. A special case of such an audit is the examination of compliance with the polish implementation of NIS Directive (Ustawa o Krajowym Systemie Cyberbezpieczeństwa).

Cybersecurity audit may include penetration tests of components such as: SCADA system, operator and engineering stations, devices providing remote access, control devices: PLC, IED, RTU using network protocols, among others IEC60870-5: 104, IEC 61850, DNP3 and Modbus TCP / IP.

CBOM: analysis of third-party software components along with their versions and existing vulnerabilities based on the source code, firmware or reverse engineering of the device itself. Security assessment and audit of non-public, software components implemented by the device manufacturer.

Segmentation and separation of OT networks network monitoring to identify key devices and isolating selected system components to ensure the required level of security.

Benefits

Reducing the risk of a potential cyberattack by:

image
an assessment of potential threats related to key critical infrastructure components
image
practical preparation of organizations and security teams (SOC) if a cyber attack occurs
image
identification and assessment of vulnerabilities in the device firmware
image
ongoing response to threats to the organization identified by OSINT and Threat Intelligence
image
supporting and monitoring network segmentation process
image
raising cybersecurity awareness in the organisation

Contact us - we will prepare an offer

READ MORE

Related articles:

AMI System Security
Read more
AMI System Security
Read more
AWS Level 1 MSSP
Read more