Mumbai: Kaspersky has launched the new edition of its industrial network visibility and security platform, Kaspersky Industrial CyberSecurity for Networks. In addition to operational technology (OT) traffic monitoring for unauthorized activity, Kaspersky Industrial CyberSecurity for Networks now flags vulnerabilities in equipment and gives recommendations for their mitigation.
Also, it has added support for the BACnet protocol allowing the product to effectively protect smart building systems. Automated learning mode for traffic monitoring, seamless protocol updates, and the new web console also simplify management and improve efficiency in fighting industrial threats.
Kaspersky’s recent research shows that 39% of industrial control systems’ (ICS) computers were subjected to cyberattacks in 2020. To ensure these attacks don’t affect critical industrial processes, the protection should cover the entire heterogeneous OT environment, with diverse equipment and customized systems.
It is also important to be aware of ICS software vulnerabilities to prevent them from being used for advanced threats, to reduce the attack surface and minimize possible consequences of a cybersecurity breach.
The new version of Kaspersky Industrial CyberSecurity for Networks enables vulnerability management to help customers learn about new weaknesses in their equipment and patch or mitigate them in time.
The accurate and comprehensive details, such as CVE-ID, criticality, exploitation conditions, possible consequences and guidance for mitigation, are available in the product management console. There’s no need to inspect dedicated reports in multiple third-party sources that may not necessarily include all background information and practical recommendations.
The data is provided by Kaspersky Industrial Control Systems’ Cyber Emergency Response Team (ICS CERT), a global project devoted to identifying potential and existing threats that target industrial automation systems and industrial IoT.
To ensure protection of diverse OT environments and devices, the platform enhances protocol support and adds new ones, such as MICOM, Profinet, TASE.2, DirectLogic, and BACnet.
Kaspersky Industrial CyberSecurity for Networks can be used for smart building automation system protection. The new protocols and DPI (deep packet inspection) algorithms for traffic inspection are being delivered seamlessly through automatic database updates.
In terms of incident prevention, the enhanced product significantly simplifies the task of rules creation to detect deviations in OT traffic. During the new learning mode, Kaspersky Industrial CyberSecurity for Networks analyses how the manufacturing process parameters (tags) change and automatically creates the rule for normal work of the equipment. This is so the IT security operator doesn’t need to create them manually.
It also suggests numerous usability and manageability enhancements. A brand new web console offers extended incident visualization capabilities for more detailed threat analysis. Information about detected incidents is now mapped to MITRE ATT&CK for ICS attacks tactics and techniques, so security experts can have additional insights for attack investigation. In the web console, the administrator can quickly deploy the platform to new industrial equipment and add connectors to third-party systems, such as SIEM, firewalls or SCADA via REST API.
“Proper protection for OT environments can require fine-tuning and many manual steps. Our goal in this update was to simplify this task for IT security teams: make security management more convenient, improve equipment coverage, and automate functions,” said Andrey Strelkov, Product Manager – Enterprise Products, Kaspersky.
“The added vulnerability management also simplifies this traditionally daunting task. Indeed, unlike IT devices, OT cannot always be updated at the click of a mouse and without consequences for neighbouring systems. But it is still important to find ways for patching or mitigation, with which Kaspersky Industrial CyberSecurity for Networks now helps,” added Strelkov.