SecurityMatters – SILENTDEFENSE
SecurityMatters' flagship product, SilentDefense, enables cyber resilient industrial environments by ensuring the underlying network is healthy and threat-free at all times.
SilentDefense provides instant OT network and process visibility, and reports internal and external cyber threats in a clear and actionable way. As a result, operators can easily identify the source of a threat and take quick responsive action.
SILENTDEFENSE VERSION 3.13
SilentDefense 3.13 offers unprecedented visibility, proactive threat hunting capabilities and detailed vulnerability analysis. This version of SilentDefense™ has been designed to help users implement a robust cyber defense strategy based on the proactive exploitation of intelligence information. The new features and benefits include:
- Threat Intelligence Ingestion
- Forensic Time Machine
- Multi-Factor File Dissection
Electric power generation, transmission and distribution are carried out using different processes, vendors and technologies, but are all subject to a large number of common threats. These include network misconfiguration, device malfunction or misbehavior, insider threats and cyber attacks, such as the ones that affected the Ukrainian power grid in 2015 and 2016.
The distributed architecture of electric power transmission and distribution networks, and electric power generation based on renewable sources (hydroelectric, solar and wind) adds additional complexity, as both central and remote sites as well as their communications need to be protected.
With numerous projects in this industry, SecurityMatters has a proven track record of delivering value to electric power companies, providing visibility into their complex heterogeneous environments and detection of all the threats they are subject to. Our solution SilentDefense has successfully identified various networking and operational problems affecting grid operation, as well as intrusions by external attackers.
In recent years, the oil industry has been the target of many cyber attacks. Oil extraction (upstream), transportation (midstream) and refining (downstream) are carried out in large and complex infrastructures. With the current lack of visibility into network communications, it is almost impossible for oil industry operators to prevent the propagation of cyber threats.
By using SecurityMatters' SilentDefense, oil companies have an instrument to detect cyber attacks at an early stage and prevent their propagation. Furthermore, in previous projects in the oil industry, SilentDefense has proven valuable in identifying several operational problems and misconfigurations, boosting the network’s cyber resilience.
SecurityMatters has supported gas infrastructure operators in maintaining a cyber resilient industrial environment since 2013. In these years, our solution SilentDefense has reported several threats to the operational continuity of these companies. For example, it has identified device misconfigurations which required prompt vendor intervention, as well as insecure communications to remote stations that harmed the environment’s security.
SilentDefense is currently deployed at gas storage and pipeline monitoring facilities, protecting them from both internal and external threats and cyber attacks.
Protecting drinking and waste water management facilities is fundamental in guaranteeing the safety and well-being of the civilian population. Accidental or deliberate pollution of drinking and waste water may result in severe intoxication of cities and regions as well as environmental pollution. As this has happened in the past, it is vital to limit the possibilities of it reoccurring.
SecurityMatters has customers managing the entire waste-to-drinking water cycle. Monitoring these critical environments with SilentDefense helps our customers make their security perimeter stronger and identify any possible system misuse or attempt to tamper with the process. In addition, it provides a means of identifying other threats to the network’s cyber resilience, such as device malfunction and operational errors.
Incidents in the manufacturing of chemical products can have serious consequences for personnel safety and the environment. For example, production errors and mishandling of chemicals can lead to fire, explosions and other hazards to human life, as well as polluting the surrounding environment. Incidents can originate from multiple causes, including malfunctioning equipment, operational errors and device misbehavior.
SecurityMatters' platform SilentDefense is employed at large chemical plants to monitor the production network and provide operators with real-time visibility of network activity and threats, enabling early response and remediation.
The production of pharmaceutical drugs is subject to numerous insider threats. For example, uncontrolled configuration changes and mistakes in the production process may result in an incorrect dosage and therefore ineffective or even harmful drugs; production lines can stop due to device malfunction that is not identified and handled in time.
Additionally, key intellectual property such as drug recipes is stored in production equipment (servers and PLCs) that can become a target of external attackers. Industrial espionage operations are increasingly common in the OT world, and production networks are often poorly protected.
SecurityMatters works with pharmaceutical companies to monitor the production of drugs and ensure the safe manufacturing of quality products. Utilizing SilentDefense makes production networks more secure and cyber resilient by identifying security breaches and intrusion attempts at a preliminary stage.
The manufacturing industry includes heavy industry (e.g. metals and steel), food and feed, automotive and the production of other soft and hard goods. Several manufacturing facilities feature tight integration between production floors and back-office networks, in order to enable real-time processing and analysis of data for business purposes. Despite having clear business advantages, this tight integration facilitates the spread of external threats from server networks to production networks, potentially leading to incidents such as the one that occurred at a German steel factory in 2014.
Other production networks consist of isolated cells with limited connectivity to external networks. This isolation protects production networks from external threats, but cannot guarantee protection from common operational incidents. In particular, equipment malfunction or failure often results in unexpected process disruptions, whose investigation and resolution require a huge amount of time and effort.
SecurityMatters' SilentDefense supports manufacturing companies by enabling them to quickly identify external threats to the production network, as well as the source and extent of internal threats and operational incidents, saving operators substantial time and effort for remediation.
A country’s infrastructure, such as roads, railways, tunnels, bridges, dams and buildings, is all controlled by industrial control systems that guarantee its correct functioning. Hacks into road sign systems and public transport have occurred in the past, exploiting the fragile or non-existent cyber security countermeasures protecting them.
External and insider threat actors can exploit remote connectivity between central control systems and remote sites to perform undesired operations, such as opening dams and bridges, or controlling road signs and signaling systems. Building automation components such as air conditioning in server rooms or hospital equipment can be easily shut down by system misuse or malfunctions.
SecurityMatters' customers operating in this industry employ the SilentDefense platform to enhance their infrastructure’s cyber resilience and protect it from both external threats and operational problems. SilentDefense’s early warnings enable the identification and mitigation of flaws before they affect the infrastructure’s correct operation.
Deployment, Operations, Integration & Support