Page 134 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 134
b. Use different management servers to the OT and IT networks (Windows domains, etc).
By doing so, compromising the IT domain will not compromise the OT domain.
4. Constant Network Monitoring
A constant network monitoring platform (we happen to know a really good one), will help you
identify threats while analyzing network traffic and will help you see the bigger picture of what’s
happening in your network.
5. Data Exfiltration
Monitor your network for unusual outbound traffic. Everyday user activity should not generate
uplink activity higher than about 200MB/daily per user.
How SCADAfence Helps You
We provide a comprehensive solution - The SCADAfence’s platform which was built to protect industrial
organizations like yours from industrial cyber attacks (including ransomware). It also helps you implement
better security practices amongst its built-in features. Some of these include:
• Asset Management
• Network Maps
• Traffic Analyzers
These tools will help your organization to implement better network segmentation, to make sure that your
firewalls are functioning properly, and that every device in the OT network is communicating only with
the ones that they should be communicating with. You will also be able to spot assets that are not where
they're supposed to be, for example, forgotten assets in the DMZ.
The platform, which is also the highest-rated OT & IoT security platform, also monitors the network traffic
for any threats, including ones that are found in typical ransomware attacks; such as:
• Security exploits being sent across the network.
• Lateral movement attempts using the latest techniques.
• Network scanning and network reconnaissance.
In an event of a security breach, SCADAfence’s detailed alerts will help you to contain these threats as
quickly as possible. Ultimately, we built this tool to help industrial organizations to understand their attack
surface, to implement effective segmentation and constant network monitoring for any malicious or
anomalous activity.
We’d like to share with you a true story of our recent incident response to an industrial ransomware
cyberattack. SCADAfence’s incident response team assists companies in cybersecurity emergencies. In
this video, we will review a recent incident response activity in which we took part. This research has
been published with the goal of assisting organizations to plan for such events and reduce the impact of
targeted industrial ransomware in their networks.
For more detailed information on this story, we prepared a full whitepaper here:
134