Critical infrastructures are prime targets for cyber-attacks. However, their level of protection is seldom adequate to deal with the risks and the dramatic consequences of an attack on their information systems.
Attack methods and security challenges for these infrastructures are continually developing, causing higher risks for the future of many companies and the survival of individuals. It is therefore our duty to offer the best protection to these IT systems that underpin our society.
Types of threats
Let’s take the example of France, which stands out from other European countries by the high proportion of its electricity that comes from nuclear sources. Several dozen power plants ensure total sovereignty over this strategic segment. These power plants and distribution networks are no exception in terms of exposure to cyber threats. In recent years, they have even become preferred targets because an attack on them has a particularly critical impact. The French ANSSI administration publicly reported in 2018 and in 2019 the detection of several unknown dormant malicious software programs on this type of network. These programs could have been stored for subsequent use for diplomatic or financial pressure purposes. Examples of such use include the shutdown of one or more nuclear power plants following the execution of malicious code, in order to create a regional or national blackout, and the malfunctioning of PLCs and industrial systems, leading to a total loss of control over reactors and causing fear of explosion.
The army is an essential part of a country’s influence in the world. In this strategic sector at the heart of the economy, the defensive resources built and deployed for the army have begun a real digital transformation: air, land and sea combat systems, telecommunications systems, UAVs, improved combat capabilities, real-time monitoring of military operations… Information system security is essential to ensure the confidentiality of a country’s current and future operations. A breach of the integrity of these systems can lead directly to the loss of many human lives, civilian or military. A leak of classified information can reveal a country’s strategy, expose many actors to liability and damage diplomatic relations.
Today, in our society, humans depend entirely on information systems and the associated digital means. At the heart of this ecosystem, the Internet relies on a set of operator networks that must face new challenges every day: an exponential increase in the volume of data to be carried, an explosion in the number of connected objects, an acceleration of cloud services, and the diversification and industrialization of cyber-attacks. These operators are therefore an essential pillar of the functioning of our modern societies, which makes them preferred targets for malicious actors. Eavesdropping on an operator network can give a considerable advantage to an attacker, who can block or modify all or part of the information circulating on the attacked public network. An attack on the availability of this same network allows the attacker to block an entire section of our society, all services combined (energy, transport, banking, insurance, public services…). Recent Distributed Denial of Service attacks show that attackers are investing massively to acquire attack capabilities that can damage an operator’s very robust infrastructure.
TEHTRIS protects critical infrastructures
The TEHTRIS XDR Platform has been designed to detect and address all types of threats, including those created specifically to target critical environments. Based on artificial intelligence, sandboxing and heuristic analysis, the TEHTRIS XDR Platform is orchestrated by SOC analysts with extensive expertise in the field.
The constraints of safety systems in critical environments require a level of security that must not impact the structure under any circumstances. This is why the TEHTRIS XDR Platform is a key security tool: it is minimally intrusive, reliable and responsive. It anticipates threats and stops risky behaviors before they have the slightest impact on normal operations. The detection grid ensures that all known and unknown threats will be prevented from passing through our platform.