Navigating New OT Security Frontiers: SIGA and Radiflow

28 Feb 2024

Yossi (Konstantin) Tarnopolsky, Director of Technology Alliances and APAC BD, at Radiflow

One of my favorite movies, “Blackhat” (a 2015 film directed by Michael Mann), opens with a powerful narrative in which a cyberattack targets a nuclear power plant in Hong Kong. While fictitious, this attack reveals significant weaknesses in critical modern infrastructures. The attackers use a variety of tactics to intentionally break into the plant’s Supervisory Control and Data Acquisition (SCADA) system. They cleverly change settings in the Human-Machine Interface (HMI), and the changes go unnoticed by the engineers, leading to a failure in the cooling system. Eventually, this results in a sudden overheating crisis that culminates in an explosion leading to plenty of chaos.

There was a lot of foresight in the “Blackhat” movie. Today, nine years later, not only the energy sector, but many other critical infrastructure environments stand at a critical juncture, where ever-evolving cyber threats are no longer confined to the peripheries of ICS network security, but attack critical operations at their very core.

Understanding the New Threat Landscape

While the catastrophic threat scenario in Blackhat is dramatic, recent cyber events have demonstrated that reality can mimic fiction. The increasing sophistication and resulting impacts of cyber threats on critical infrastructure can turn Hollywood threats into dangerous realities. For example, in the Asia-Pacific energy sector, we have recently seen how cyberattacks are no longer just about data breaches, but can significantly disrupt critical operational processes.

In 2022, 59 percent of businesses in the Asia-Pacific region reported being the victim of a cyber attack, and 32 percent reported being the victim of multiple cyber attacks. The pace is intensifying: the Asia-Pacific region has been victim to a number of high-profile cyber attacks within the last 12 months.

Ransomware attacks, especially, have surged in frequency and severity, posing significant challenges to businesses and government entities. The attackers often demand cryptocurrency payments for the release of compromised data. But these attacks increasingly aren’t only about encrypting data and holding it for ransom. They can also penetrate deep into the production networks, causing operational disruptions and serious safety concerns – pay up or melt down.

As described in the “Blackhat” movie, the attackers’ successful orchestration of a combination of sophisticated methods to target ICS equipment can happen in reality. This scary possibility has led us to venture forth to establish a new level of cyber-defensive sophistication necessary to protect critical infrastructure.

The Joint Solution

SIGA and Radiflow have joined forces to provide customers with a more advanced and sophisticated technology that increases the security of critical infrastructure and industrial operations. Our joint solution adds SIGA’s Level 0 anomaly detection technology, which secures the raw electrical signals in control loops, to Radiflow’s network surveillance capabilities, which monitor the behavior and communications of devices over the ICS network, constantly on the lookout for anomalies that might indicate a breach. This powerful combination simultaneously addresses the vulnerabilities in physical devices and in network behavior – a capability whose need has been made painfully evident by recent attacks on production environments.

Addressing the Scope of OT Security Challenges

The core strength of this joint solution lies in its ability to monitor anomalies all the way from servers and devices communicating on the ICS network to the sensors and actuators, thereby detecting potential threats before they have a chance to escalate into a production or safety crisis.

By integrating SIGA’s detection at Level 0 with Radiflow’s network-level threat detection, this joint solution offers a comprehensive defense against the potential threats that can originate anywhere along the chain of operations. It represents a unified approach that enhances the resilience of critical infrastructures against both internal and external cyber threats.

Comprehensive OT Security

While the collaboration between SIGA and Radiflow is indeed a technological advancement, the ultimate value is its strategic response to the dynamic and increasingly sophisticated cyber threat landscape. As the energy sector faces new challenges, this joint solution stands as a testament to the power of collaboration and innovation in securing our critical infrastructures and maintaining our way of life.

Want to Find Out More?

You are invited to join Radiflow and SIGA along with our esteemed client from Singapore, ST Engineering, in a LinkedIn Live Event on Wednesday, March 6, 14:00-15:00 CET.

 
