BOSTON, June 21, 2017 /PRNewswire/ -- CyberX, the industrial cybersecurity company protecting ICS infrastructures worldwide, today announced that it is sponsoring an educational SANS webinar about "New Threat Vectors for ICS/SCADA Networks — and How to Prepare for Them."
Webinar presenters Mike Assante, Director of Critical Infrastructure & ICS at the SANS Institute, and Phil Neray, VP of Industrial Cybersecurity at CyberX, will cover rapidly-evolving ICS threat vectors that are top of mind for the ICS cybersecurity community.
The webinar will he held on Tuesday, June 27 at 1pm EDT (17:00:00 UTC). Those interested in attending can register here. (Note: If you're not a SANS member, you can create a free account to register.)
The webinar will discuss key ICS threat vectors and threat actors including:
- Automated ICS malware such as Industroyer/CrashOverride and Stuxnet: This emerging class of targeted malware hijacks industrial devices without requiring human intervention, communicating directly with them using native industrial protocols. It's easy to imagine the same advanced hacking tools being used to lock down production facilities and hold companies up for ransomware.
- Theft of corporate IP: According to the Verizon DBIR, trade secrets are the #1 data type breached in manufacturing companies. Sensitive details about proprietary processes, formulas, and designs can often be inferred from ICS components such as HMIs and PLC ladder logic. Cyber-adversaries include nation-states, competitors, and cybercriminal organizations seeking to sell valuable corporate secrets to the highest bidder.
- Nuisance malware such as WannaCry: While regular patching is indisputably good advice for IT networks — as in the recent WannaCry example — it can be incredibly difficult for legacy production systems that run 24x7 and have limited maintenance windows. This may explain why WannaCry shut down assembly lines at manufacturers such as Renault and Nissan. These systems are also more vulnerable to other non-targeted threats such as the 2016 malware infestation at the Gundremmingen nuclear plant.
- Hacktivists: This category includes single-issue activists — such as eco-activists and GMO activists — that target energy, pharmaceutical, chemical, and food production companies.
"While we must continue to be vigilant against threats to our critical infrastructure such as the electrical grid, non-utilities such as manufacturing, pharmaceuticals and chemicals are also juicy targets for cyberattackers," said Phil Neray, VP of Industrial Cybersecurity at CyberX. "We've also seen how quickly advanced hacking tools are shared between nation-states and cybercriminals. Fortunately, defenders now have access to sophisticated ICS monitoring, behavioral analytics, and anomaly detection capabilities to mitigate these risks."
About Mike Assante, Director of Critical Infrastructure & ICS at the SANS Institute (Twitter: @assante_michael)
Michael Assante is currently the SANS lead for Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) security. He previously served as VP and CSO of the North American Electric Reliability (NERC) Corporation, where he oversaw industry-wide implementation of cyber security standards across the continent. Prior to joining NERC, Mr. Assante held a number of high-level positions at Idaho National Labs and served as VP and CSO for American Electric Power. He has testified before the US Senate and House and was an initial member of the Commission on Cyber Security for the 44th Presidency. Before his career in security, he served in various naval intelligence and information warfare roles and was honored in 1997 as a Naval Intelligence Officer of the Year.
About Phil Neray, VP of Industrial Cybersecurity, CyberX (Twitter: @rdecker99)
Phil began his career as a Schlumberger engineer on oil rigs in South America and as an engineer with Hydro-Quebec. He has a BSEE from McGill University, is certified in cloud security (CCSK), and has a 1st Degree Black Belt in American Jiu Jitsu. Prior to CyberX, Phil held executive roles at enterprise security leaders such as IBM Security/Q1 Labs, Guardium, Veracode, and Symantec.
About CyberX (Twitter: @CyberX_Labs)
CyberX provides the most widely-deployed cybersecurity platform for continuously reducing risk to critical industrial infrastructures. Deployed in the world's largest environments and backed by military-grade cyber experts from the IDF, the CyberX platform uniquely combines continuous monitoring with M2M behavioral analytics and proprietary ICS-specific threat intelligence to identity advanced cyberattacks in real-time.
By monitoring ICS/SCADA/OT networks for targeted attacks, ransomware and industrial malware, the CyberX platform enables organizations to prevent costly production outages, catastrophic safety failures, and theft of corporate IP.
CyberX has gained considerable industry recognition including being named a "Cool Vendor" by Gartner. The company is also the only industrial cybersecurity vendor selected for the SINET16 Innovator Award sponsored by the US DHS and DoD, and the only ICS security vendor recognized by the International Society of Automation (ISA).
An active member of the Industrial Internet Consortium (IIC) and the ICS-ISAC, CyberX's groundbreaking ICS threat intelligence research was recently featured in the popular McGraw-Hill book series, "ICS Hacking Exposed." For more information visit CyberX-Labs.com.
Looking Glass Public Relations
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/cyberx-sponsors-sans-webcast-on-new-threat-vectors-for-icsscada-networks-including-industroyercrashoverride-300477223.html