
Op-Ed: Maritime and port environments attracting capable adversaries

From Brisbane to Perth and all ports in between, maritime trade is a critical component of our economy.

Hayley Turner
Mon, 19 Jun 2023

Industrial control systems (ICS) and operational technology (OT) in maritime settings contain systems and software components similar to those seen in land-based critical infrastructure installations, such as building management, power, manufacturing, and oil and gas. These systems, which operate physical processes, are very different from the IT systems (and security protections) that we all know.

But as maritime vessels, ports, and waterways continue to adopt new technology to improve GPS, propulsion, safety, and traffic management capabilities, these developments dramatically increase security risks and invite attacks from capable adversaries.

With cyber incidents disrupting timelines and logistics and threatening the health and safety of crews and communities, it’s important to lower your risk and protect the trust of your customers and stakeholders. That means protecting everything from landside facilities to shipboard systems. We’ve seen other transportation and logistics companies becoming more aware of the potential impacts of disruption from cyber incidents, which is why they have chosen to work with us to protect Australian critical infrastructure.


Dragos helps protect those maritime systems and other transportation systems, as well as mining, oil and gas, electric and chemical facilities. Our technology also offers monitoring across standard ICS/OT systems and devices found onboard ships, such as safety management systems like those found in FRCS, and cargo management systems. We have a team of researchers, hunters, and defenders who work together to help you minimise this risk and improve mission resiliency. We deliver it as the most advanced ICS/OT cyber security software platform to detect and respond to cyber threats:

Asset visibility

Monitoring your network to deliver a comprehensive and real-time understanding of all assets. Our platform will help you to identify crown jewel assets, create asset inventories, and identify unusual activity across thousands of devices.

Vulnerability management

OT cyber security teams are overwhelmed by hundreds of vulnerabilities. Without simple, prioritised guidance, you’ll waste time and money patching vulnerabilities that aren’t important, and you can easily miss those that are truly critical. Our platform simplifies compliance and reporting, prioritises vulnerabilities that matter most, and provides practical mitigation advice when a patch is not practical.

Threat detection

Adversaries evolve their tactics, techniques, and procedures with subtle behaviours that are easily lost in the noise of your environment. This is one reason why IT-borne anomaly-based threat detection fails in the OT world, causing investigators to suffer from alert fatigue, ignore relevant alerts, and chase false alarms. Our platform leverages our WorldView OT Threat intelligence unit to detect those threat behaviours and to immediately see any unauthorised IT-OT traffic across complex networks. We analyse file downloads, detect potential adversaries in the environment, and provide contextualised notifications that help you triage events and prioritise your work effectively.

Incident investigation

When faced with a potential incident, clear and carefully vetted guidance can be the difference between quickly restoring operations or making the situation worse. Our platform enables you to analyse changes and forensic records, efficiently manage response and recovery, and leverage prescriptive playbooks with proven, tested response protocols.

Cross-functional operations insights

Monitoring assets and properly dissecting and inspecting network traffic requires in-depth protocol coverage; otherwise, threats remain hidden. Our customers use our platform to detect operational process errors quickly and efficiently, monitor ICS/OT network and device health, support ATO/RMF artifacts, and integrate active defence via Siemens SIBERprotect.

Actionable threat intelligence and defensive recommendations

Our latest WorldView research highlights a new threat group targeting oil and gas and maritime assets. Bentonite seeks to exploit vulnerable remote access or internet-exposed assets that can facilitate access to the broader enterprise. Maritime environments are specifically targeted by the group, and Dragos is closely monitoring its activities, reporting defensible, action-oriented advice via our threat intelligence program. Backed by a team of ICS cyber security experts with deep industry knowledge, our WorldView threat intelligence provides in-depth visibility of threats targeting OT environments and defensive recommendations to combat them.

Calmer waters

There is no time to waste in ensuring you can respond quickly and recover confidently when attackers strike.

By having a proactive approach in place, you will bolster your security posture and get access to incident responders who have been on the frontlines of cyber attacks globally. These responders are familiar with your environment and highly skilled at OT cyber security crisis management. Working together with our people, tools and intelligence, we can steer you to calmer waters with a powerful investigation workbench with detailed forensics records and prioritised guidance for vulnerabilities and risk mitigation.

Hayley Turner is the director for Dragos, Australia and New Zealand.
