Our videos have over 5 million views on Youtube! Visit our channel now »
The listings featured on this site are from companies from which this site receives compensation. Read the Advertising Disclosure for more information
Disclosure:
Professional Reviews

vpnMentor contains reviews that are written by our community reviewers, and are based on the reviewers' independent and professional examination of the products/services.

Ownership

vpnMentor is owned by Kape Technologies PLC, which owns the following products: ExpressVPN, CyberGhost, ZenMate, Private Internet Access, and Intego, which may be reviewed on this website.

Affiliate Commissions Advertising

vpnMentor contains reviews that were written by our experts and follow the strict reviewing standards, including ethical standards, that we have adopted. Such standards require that each review will be based on an independent, honest and professional examination of the reviewer. That being said, we may earn a commission when a user completes an action using our links, which will however not affect the review but might affect the rankings. The latter are determined on the basis of customer satisfaction of previous sales and compensation received.

Reviews Guidelines

The reviews published on vpnMentor are written by experts that examine the products according to our strict reviewing standards. Such standards ensure that each review is based on the independent, professional and honest examination of the reviewer, and takes into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings we publish may take into consideration the affiliate commissions we earn for purchases through links on our website.

SCADAfence - Securing The Systems That Power Our Life

SCADAfence is a pioneer in securing Industrial IoT/Industrie 4.0 networks from cyber threats, covering the smart manufacturing and smart building sectors, pharmaceutical, chemical, food & beverage, automotive and building automation industries. Following the recent WannaCry events, we sat down with CEO Yoni Shohet to find out what kind of threat are SCADA systems facing today, what are the risks for our day to day lives, and how does SCADAfence help to prevent them?

For those who don’t know, could you  give us a brief overview of what are SCADA systems?

A SCADA system or an industrial control system is in charge of managing critical manufacturing and control systems of the most important things we use day to day. They are the automated computer systems that are controlling processes in critical infrastructure, manufacturing plants and building management systems. These operational technology (OT) networks are highly sensitive and prioritize the availability of the production systems above all.

How does IOT look from an industrial perspective?

Industry 4.0 and industrial IOT are two terms that go together. It is the concept of taking devices and enabling them to become smarter sensors in order to improve their productivity and reduce operation costs. Industrial control systems are now highly interconnected and there are growing connections between the devices internally and between the industrial network to external environments. While new technologies that are introduced into the production networks increase efficiency and allow companies to focus more on innovation, they also expose these networks to new threats, which require security measures to be taken into account at all times.

What kind of threats are SCADA systems facing these days?

There are 4 main threats that can occur as part of a cyber attack:

  1. Operational downtime, where hackers sabotage and create unexpected downtime. We've seen this happening twice in 2015 when the entire Ukrainian electricity grid got shut down by politically-driven cyber criminals.
  1. Product manipulation- instead of stopping the operation, some hackers manipulate the end product by changing the recipe or formula to create a different outcome. As a result, severe damages can be caused such as spoiled production batches or a defective product released to the market, which could potentially destroy a brand's reputation forever.
  1. Sensitive information- Some hackers try to target information like secret formulas or production methods that are of great value for black market or for competitors.
  1. Ransomware, whereby hackers target and encrypt data, and then demand money in exchange for keeping it secret or letting you use it. This type of threat also applies at an industrial scale, only the risks go way beyond the personal level. The biggest concern is that the hacker will try to control the production process and force manufacturers to pay so they can regain control over their own environment.

Recent events such as WannaCry ransomware campaign shows how generic attacks initiated by cybercriminals can also affect industrial control systems. Due to the attack, multiple industrial companies in various industries were hit. The most severe incident we know of so far is Renault/Nissan, which had to halt production in some factories due to the WannaCry attack.

What are non-malicious threats? And what risks do they impose?

Not all threats are derived from malicious intentions. Even human errors can create the same effect, where an innocent mistake or misconfiguration can lead to a different reaction to what the system was programmed to do. Since we are already monitoring the industrial environment, we help our customers to reduce risks that are also created unintentionally.

How are Cyber risks different across different industry sectors?

We work with various industries like manufacturing, critical infrastructure, building management systems, and there is indeed a lot of difference. Motive for instance is usually very different, in some cases it's mostly motivated by regulation, while other industries are more motivated by business needs. The actual technologies being used and the vendors involved could also vary between industries. That being said, any sector can benefit from our solutions.

How do you begin to assess the safety of a SCADA system? What would be the first things you'd look at?

Our technology is able to listen to the communications in a non-intrusive way and analyze what is the normal behavior profile. This allows us to quickly recognize when there are deviations from the expected behavior. Our three main benefits are:

  • Visibility to the asset and network activity. Many companies are not even aware of the devices running on their network; they know the process but they don’t know the protocol and the assets within the environment. Being able to see your entire network is the first step towards securing it.
  • Risk management helps the user to identify where breaches could come from in the future, and how an attack can make use of those access vectors to attack the industrial environment.
  • Detection of threats - detecting ongoing threats such as cyber-attacks or non-malicious activities that are attempting to change the normal operations and require immediate response from the user.

What trends can we expect to see in the near future with SCADA security?

Generally what we're seeing in the industry is an IT/OT conversion. These 2 fields are becoming closer together, and are starting to create joint processes that focus on industrial IOT.

Security needs to be addressed by those teams. Specifically in industrial control systems, joint teams today need to bridge the gaps between IT/security teams and the operational teams, who need to work together. Only companies that have a joint IT/OT efforts to address their industrial security needs, are able to effectively secure their most critical assets.

 

About the Author

Ditsa Keren is a cybersecurity expert with a keen interest in technology and digital privacy.

Did you like this article? Rate it!
I hated it! I don't really like it It was ok Pretty good! Loved it!
out of 10 - Voted by users
Thank you for your feedback
Comment Comment must be from 5 to 2500 characters long.