If the recent SolarWinds attack has taught us anything, is that nothing and nobody is protected from today’s hackers. Particularly, if you are a government-owned or a critical infrastructure company, it is only a matter of time until you will also join the statistics.
SolarWinds which serves many federal agencies in the US, as well as a significant portion of Fortune 500 companies, was attacked in what is considered to be one of the most significant cyberattacks in history.
In a nutshell, here's a simple explanation of how the SolarWinds hack occurred:
So what are the implications?
Now, when the attack already took place, it will take years and a great amount of money to secure these systems again. The attack provides a real live demonstration of why companies should be adapting to a new reality in which they understand that there are already breaches in their networks, rather than merely reacting to attacks after they are discovered. One thing will continue to be given, attackers will always look for exploitable targets to provide them with access to other, more valuable, targets.
What can Cervello do to help?
After years of working in the Israeli Defense Forces and the Israeli Defense Industries, we deeply understand the risk. We understand that in cybersecurity, especially in the critical infrastructure industries sector, trust is a vulnerability. We strongly believe that in order to protect critical systems against cyber attacks, nothing inside or outside the network perimeter can be trusted. Anything and everything trying to connect to the critical signaling systems must be verified before granting access.
This is exactly why we implemented the Zero Trust methodology in our platform: Zero Trust is one of the most effective ways for organizations to control access to their critical assets. The methodology combines a set of preventative techniques including identity verification, micro-segmentation, endpoint security, and least privilege controls to detect abnormal behaviors and cyberattacks, both from external and internal sources. The Cervello platform can help you reveal insider and external threats without relying on any learning phase, prior-knowledge, assumptions, and/or third party software, and thus even to protect your valuable assets from sophisticated attacks such as the SolarWinds attack!
Please feel free to contact us for any further information regarding our solutions and best practices to mitigate railway cyber threats.