Critical infrastructures

Context

Critical infrastructures are prime targets for cyber attacks. However, their level of protection is often inadequate given the risks and the dramatic consequences that an attack on such companies’ information systems would cause. As attack methods improve and the security challenges facing these infrastructures grow, the future of many companies and the survival of individuals might depend on them, so it is our duty to offer the best protection to the IT systems that underpin our society.

Types of threats

Let’s take the example of France, which stands out from other European countries by the high proportion of its electricity that comes from nuclear sources. Several dozen power plants ensure total sovereignty over this strategic segment. These power plants and distribution networks are no exception in terms of exposure to cyber threats. In recent years, they have even become preferred targets because an attack on them has a particularly critical impact. The French ANSSI administration publicly reported in 2018 and in 2019 the detection of several unknown, dormant pieces of malicious software on this type of network. These elements could have been stored for subsequent use for diplomatic or financial pressure purposes: shutdown of one or more nuclear power plants following the execution of malicious code in order to create a regional or national blackout, malfunctioning of PLCs and industrial systems leading to a total loss of control over reactors and raising fears of explosion risks, etc.

The army is an essential part of a country’s influence in the world. As a strategic sector at the heart of the economy, the defensive resources built and deployed for the army have begun a real digital transformation: air, land and sea combat systems, telecommunications systems, UAVs, improved combat capabilities, real-time monitoring of military operations… Information system security is essential to ensure the confidentiality of a country’s current and future operations. A breach of the integrity of these systems can lead directly to the loss of many human lives, civilian or military. A leak of classified information can reveal a country’s strategy, expose many actors to liability and damage diplomatic relations.

Today, in our society, humans depend entirely on information systems and the associated digital means. At the heart of this ecosystem, the Internet is based on a set of operator networks that must face new challenges every day: an exponential increase in the volume of data to be carried, an explosion in the number of connected objects, an acceleration of cloud services, and the diversification and industrialization of cyber attacks, to name but a few. These operators are therefore an essential pillar of the functioning of our modern societies, which makes them preferred targets for malicious actors. Listening in on an operator network can give a considerable advantage to an attacker, who can block or modify all or part of the information circulating on the attacked public network. An attack on the availability of this same network allows the attacker to block an entire section of our society, all services combined (energy, transport, banking, insurance, public services…). Recent Distributed Denial of Service attacks show that attackers are investing massively in attack capabilities that can damage operators’ very robust infrastructures.

TEHTRIS protects critical infrastructures

eGambit has been designed to detect and address all types of threats, including those created specifically to target critical environments. Based on artificial intelligence, sandboxing and heuristic analysis, eGambit is orchestrated by SOC analysts with extensive expertise in the field.

The constraints of safety systems in critical environments require a level of security that must not impact the structure under any circumstances. This is why eGambit is a key security tool: it is minimally intrusive, reliable and responsive. It anticipates threats and stops risky behaviours before they have the slightest impact on normal operations. The detection grid ensures that all known and unknown threats will be prevented from passing through our cyber arsenal.