critical infrastructures brochure

LightSEC™ Until recently, Cyber attacks were aimed at Service Providers and Enterprises. The agenda was mostly economic – to hurt customers and ruin reputations. An infrastructure with such vulnerability also places their customers’ valuable data at risk. Today, the situation is even more severe. Critical infrastructures are now the preferred target for cyber terrorists who want to wage war within the comfort of their homes. If not addressed properly, the massive increase in such attacks will reach new peaks, with catastrophic consequences. As 225,000 Ukrainians were getting ready to celebrate Christmas this past December, an orchestrated attack to the power utility took cyber warfare to the next level, causing a blackout across a large portion of the country. Disregarding the cleverness of the operation, it was a really a simple exploitation of naïve employees, combined with an inadequate security solution, allowing a group of Russian (allegedly) cyber terrorists to paralyze three power companies. Let’s put aside the question of who is to blame and what their motives were for the moment. Enough has been already studied, analyzed, and written about what is widely considered the first known power outage cyber- attack in the world. It is far more important to understand how it was executed and how to prevent recurrence. Ultimately, it was a well-coordinated attack, remotely switching circuit breakers to cut off the power, backed up by installed malware to prevent technicians from detecting the attack. And it worked. This was the first cyber-attack on an electric utility that actually took out a power grid. To top it off, the attack also prevented customer service phones from reaching the call center by spamming them, thus blocking all communication with anxious customers. THE HOTTEST NEW CYBER WAR ZONE CRITICAL INFRASTRUCTURES ON THE CROSSHAIRS The Ukraine electricity cyber attack was the ‘opening shot’ for cyber warfare targeting critical infrastructures. The frequency of these types of attacks emphasizes the need for a comprehensive solution to prevent severe damage.

Upload: george-wainblat

Post on 14-Apr-2017

8 views

Category:

Technology


0 download

TRANSCRIPT

Page 1: Critical infrastructures brochure

LightSEC™

Until recently, Cyber attacks were aimed at Service Providers and Enterprises. The agenda was mostly

economic – to hurt customers and ruin reputations. An infrastructure with such vulnerability also places their

customers’ valuable data at risk. Today, the situation is even more severe. Critical infrastructures are now the

preferred target for cyber terrorists who want to wage war within the comfort of their homes. If not addressed

properly, the massive increase in such attacks will reach new peaks, with catastrophic consequences.

As 225,000 Ukrainians were getting ready to celebrate Christmas this past December, an orchestrated attack

to the power utility took cyber warfare to the next level, causing a blackout across a large portion of the

country. Disregarding the cleverness of the operation, it was a really a simple exploitation of naïve employees,

combined with an inadequate security solution, allowing a group of Russian (allegedly) cyber terrorists to

paralyze three power companies.

Let’s put aside the question of who is to blame and what their motives were for the moment. Enough has been

already studied, analyzed, and written about what is widely considered the first known power outage cyber-

attack in the world. It is far more important to understand how it was executed and how to prevent recurrence.

Ultimately, it was a well-coordinated attack, remotely switching circuit breakers to cut off the power, backed

up by installed malware to prevent technicians from detecting the attack. And it worked. This was the first

cyber-attack on an electric utility that actually took out a power grid. To top it off, the attack also prevented

customer service phones from reaching the call center by spamming them, thus blocking all communication

with anxious customers.

THE HOTTEST NEW CYBER WAR ZONE

CRITICAL INFRASTRUCTURES

ON THE CROSSHAIRS

The Ukraine electricity cyber attack was the ‘opening shot’ for cyber warfare targeting critical infrastructures.

The frequency of these types of attacks emphasizes the need for a comprehensive solution to prevent severe damage.

Page 2: Critical infrastructures brochure

THE AFTERMATH

DON’T BE THE NEXT VICTIM

To call it an organized attack is an understatement. Phishing emails to Ukraine’s power utility company employees were

sent six months prior to the attack. The emails contained official-looking Microsoft Word documents. When opened,

they installed malware on Ukraine power company workstations. The attacks were cleverly synchronized, occurring in

30 minute intervals, and impacted multiple central and regional facilities.

Now that the first round is over, and the warning is understood, we are doubly wary, and motivated to raise our defenses

against such attempts, especially those of us with more modern computerized grids or any other utility, for that matter.

In this day and age, utility downtime can be just as threatening as a military attack, with all its repercussions.

ECI’s LightSEC cyber security products offer comprehensive security solutions for the Critical Infrastructure

community. As you would expect, this includes encryption, firewall, DPI, VPN, SCADA protection, network anomaly

detection, big data cyber analytics, DDOS protection, strong authentication, and more.

ABOUT ECI

ECI is a global provider of ELASTIC network solutions to CSPs, utilities as well as data center operators. Along with

its long-standing, industry-proven packet-optical transport, ECI offers a variety of SDN/NFV applications, end-to-end

network management, a comprehensive cyber security solution, and a range of professional services. ECI's ELASTIC

solutions ensure open, future-proof, and secure communications. With ECI, customers have the luxury of choosing a

network that can be tailor-made to their needs today – while being flexible enough to evolve with the changing needs

of tomorrow. For more information, visit us at w w w.e c i t e l e .c o m

Contact your ECI rep TODAY about protecting YOUR infrastructure!

Co

py

righ

t © 2

016

EC

I. All rig

hts re

se

rve

d. In

form

atio

n in

this d

oc

um

en

t is su

bje

ct to

ch

an

ge

with

ou

t no

tice

. EC

I assu

me

s no

resp

on

sib

ility fo

r an

y e

rrors th

at m

ay a

pp

ea

r in th

is do

cu

me

nt.