For almost 200 years, the practice of plunge dipping has been used by farmers worldwide. By bathing their sheep in chemical compounds, they are protected from outside parasites – saving the farmers their flocks, livelihoods and businesses. In 2005, a British farmer realised he, together with exterior sources, could protect his flock, save £600 a year and streamline sheep dipping for everyone simply by preventing the virus from entering the farm altogether – all for just £0.25 per animal.
Five years later, some 4,000 miles away, a malicious worm known as ‘Stuxnet’ was released onto a network in a nuclear facility in Iran, spreading like wildfire across the globe. Targeting industrial control systems and intending to cause major devastation, the worm infected over 200,000 computers and caused 1,000 machines to physically degrade. But just how did one of the world’s most sophisticated worms become an overnight international threat?
Stuxnet was unknowingly passed around thousands of networks via USB flash drives by employees and the general public alike. Cyber security experts claimed the attack could have caused a nuclear disaster to surpass Chernobyl – all because nobody was ‘sheep-dipping’ their storage devices.
Consider a farmer introducing a new sheep into his flock without dipping him first. He may be clean and free of infection, but what if he isn’t? What if the parasites spread through the whole flock faster than the farmer can react? Without a healthy flock, his business will suffer – but without his business, how will he pay for treatment? How can he stop the infected sheep re-infecting those who have already been treated?
This entire scenario can be applied to your Industrial Control System. Your infrastructure is as important to you as the sheep to his farmer. Just one case of malicious code on a USB drive can infect your entire system, and anti-virus software can only do so much damage control. Just like the British farmer, your goal should be to stop the virus in its tracks before it even gets into your system – and just like the farmer, you should be sheep dipping any external storage devices before they even enter your building or production plant.
Understandably, this may sound easier said than done. Prohibiting storage devices or monitoring their use can be impractical and difficult to manage, and your efforts can easily go unrewarded by those who manage to infiltrate and infect your network regardless of your policy.
USB security solutions
Kub is an analysis and decontamination solution for USB devices. It allows you to protect your computer from infections included in a USB device.
As an innovative solution, the KUB is managed through a SaaS management server with access to analytics, reporting, history, etc.
The WorkStation Protect agent offers you the option of blocking all external devices that have not been analyzed by a KUB.
Available as a console, the KUB fits perfectly into both the environment and your infrastructure.
With is 12" HD touchscreen the solution becomes "plug and play” and facilitates his adoption by your users.
The KUB comes with 2 antivirus by default, for added security you can add up to 3 additional antivirus.
SIMPLE, FAST AND SECURE
Nothing simpler than the KUB to clean your USB device!
Plug in your USB device on the KUB: the analysis is performed in a few minutes. After finishing the analysis, then your device is healthy and ready to connect to your network.
An unanalysed key can be blocked by computers.
The terminals are available to users to detect threats on their USB devices. They can choose to scan all or part of their device and access an analysis report. The KUB user interface is fully customizable with the colours and logo of your organization.
HOW IT ALL WORKS
Modern enterprises of all types and sizes face an increasing number of challenges from major attack vectors, including email, BYOD, the Cloud, and web portals. OPSWAT created a platform for preventing and detecting cyber security threats on multiple data channels and devices. The platform is powered by patented technologies and is controlled by a flexible workflow engine to efficiently prevent advanced threats. OPSWAT main use cases include isolated network protection, web and email security, and secure device access.
Trust no file. Trust no device
Isolated Network Protection
Critical networks are especially challenging for security practitioners because isolated and air-gapped networks are vulnerable to attacks from portable media and other file transfer technologies. OPSWAT creates a secure end-to-end process for transferring files to and from isolated networks, which is widely used in manufacturing, energy, government, banking, pharmaceutical, and entertainment industries.
The industrial Control System Protection Neural (ICSP) is a self-contained aluminium unibody USB scanning Station that scans, detects and protects critical IOT environments from USB-borne malware traversing the air-gap.
For secure media transfer, the scanning station leverages and visualises our most advanced threat protection-machine learning cross-hatched with signatures, emulation, and reputation to help protect you against weaponised malware.
Industrial OT (operational Technology) elements have become highly vulnerable as a result of:
Everyday USB usage can infect these OT environments.
Dependence on operating system that are not readily updated or are too expensive to replace.
Poor AV compatibility due to resource sensitivity or interoperability issues.
Plug, Play & Enforce
Whether your industrial control system (ICS) is 20 years old or brand new machinery, ICSP gives you a high degree of protection without replacing existing equipment, software or downstream operations.
ICSP includes a lightweight enforcement driver to validate that a USB was scanned by the ICSP Scanning Station. This functionality requires no connection between the target system and the station and can preserve the disconnected or air-gapped state of the OT network.
Our neural engine deploys over-the-air to ICSP Neural stations as an in-field upgrade (2019). This upgrade enhances our industry-leading efficacy with deep learning.