How critical infrastructures - KRITIS can protect themselves against cyber attacks - Cyber Security Services from DriveLock

How critical infrastructures can be protected against cyber attacks

Find out how to meet the IT security requirements for critical infrastructures to prevent attacks.

 

DriveLock in Practice

Use case | Critical infrastructures

 

The country's supplies and necessities in plain sight for attackers

They provide basic services for the community with millions of people affected in the event of a disruption. Critical infrastructures pay special attention to their security measures for good reason, and legislation also caters for this: through strict regulations and mandatory audits. An attack can quickly lead to a domino effect. We help you to arm yourself against this!

Energy
Water
Health
Information and Communication
Transport
Food / Nutrition
Typical critical infrastructures

Critical infrastructures targeted by cyber attacks & pressured by regulations 

The reliability of supply as a premise is what makes companies with critical infrastructures crucial as they guarantee a country's vitality. 

In most countries, in the European Union, Australia or the USA, for example, critical infrastructures have been defined by law and considered vital for the basic supply of a country. So crucial that their decommissioning or destruction would have a weakening effect on safety, economic security and public health. The following sectors are unanimously considered to be critical:  
  • electricity and water supply
  • information technology and communications
  • healthcare
  • finance
  • transportation
  • government, state and administration
    and some other country-specific sectors

 

Obligation to provide proof of functional IT security to critical infrastructures

Critical infrastructures have been the target of cyberattacks for some time, as current reports show:

           +++++++++++++++++++++++++++++++++     NEWS   +++++++++++++++++++++++++++++++++++

  • A ransomware attack at the Brooklyn Hospital Center in New York hitting several computer systems  caused permanent loss of some patient's data.
  • In December 2015, the world witnessed the first known power outage caused by a malicious cyber-attack. Three utilities companies in Ukraine were hit by BlackEnergy malware, leaving hundreds of thousands of homes without electricity for six hours.
  • Polish national airline LOT grounded planes in June 2015 after its flight plan system was disabled by hackers in a Distributed Denial of Service (DDoS) attack. Weeks later in July, United Airlines grounded its fleet after suffering a technical fault. 

With the rise of cybercrime, operators of critical infrastructures must prove that their IT security measures are appropriate and "state of the art". The effectiveness of the IT measures must be proven through certification or audits. Attention: Not only critical infrastructure companies are affected, but also their suppliers. Larger clients usually expect certain security measures from their suppliers to be able to provide appropriate security evidence. 

 

 

Why is DriveLock the right partner?

Learn more about security awareness and application control through intelligent whitelisting in our free whitepaper.

Download

Security Awareness und Application Control with Predictive Whitelisting

 

 

 

 

Why are critical infrastructures particularly profitable for attackers?

  • Society is dependent on the services of critical infrastructures. Their availability and quality have a high impact on a functioning polity.

  • The critical sectors are interdependent, for example, power supply and information and telecommunications sectors. In the event of damage, there is a risk of a domino effect between the sectors.
Critical infrastructures are highly interconnected and vulnerable to cyber attacks

What are the requirements regarding data processing and data security?

In the field of cyber security, critical infrastructures should cover the following considerations (source: German Guidelines on content and requirements for industry-specific security standards - B3S).
The USA regulations can be found at CISA, for Australia, details can be found here.

Asset
Management

Inventory of the relevant information technology processes, systems and components 

Technical information security

Categories of measures, including device control, malware protection, encryption, multi-factor authentication

 

Incident detection and handling

Detection of attacks and IT incidents as well as reaction to them and forensics

Threat categories concerning cyber security are typically:

  • Hacking and manipulation
  • Identity misuse (phishing, skimming, certificate forgery)
  • Abuse by internal perpetrators
  • Manipulation, theft, loss, destruction of IT or IT-relevant systems and system components
  • Malware
  • Social engineering

 

How can you prevent effectively with DriveLock?

  • Protection against malware
    Application Control from DriveLock:

    The intelligent whitelisting procedure, i.e. a positive list of approved programs that can be dynamically extended

  • Device control, intrusion detection/prevention
    Device Control from DriveLock:

    Device control (only authorised use of external media such as USB sticks).
    Forced encryption of data written to external media is also available as an option.
    DriveLock also supports full auditing of external media usage and logging of data flow, including shadow copies. 

  • Encryption
    Encryption from DriveLock:
    • Transparent and fast hard disk encryption
    • Reliable directory and file encryption
    • Encryption of removable media such as USB sticks, CD/DVD or mobile hard disks
    • BitLocker Management
  • Human error
    Security Awareness from DriveLock:

    Sensitisation of staff and employees through online lessons and interactive training modules e.g. for protection against phishing attacks and social engineering.

  • Multifactor authentication

    DriveLock SmartCard Middleware:

    Provision of a smartcard middleware for the efficient management of smartcards (also for new versions). Thus, access/access control and multi-factor authentication can be realised independent of the manufacturer and cost-effectively.

 

Do you have questions about our DriveLock solutions?

Our specialists will be happy to help you.