Symantec targets USB-borne malware with new ICS defence tool
Industrial Control System Protection (ICSP) Neural utilises AI to prevent attacks on IoT and OT environments
Symantec has launched a security solution to defend against USB-borne malware that target operational technology (OT).
The Symantec Industrial Control System Protection (ICSP) Neural utilises artificial intelligence to prevent attacks on IoT and OT environments by detecting and providing protection against malware on USB devices. ICSP Neural stations scan, detect USB-borne malware, and sanitise the devices. Existing ICSP deployments have shown that up to 50 percent of scanned USB devices are infected with malware.
“USB devices are given away at events, shared between co-workers, and reused again and again for business and personal use, introducing the risk of accidental or malicious infection. The impact of connecting an infected device to a critical system can be devastating,” said Patrick Gardner, senior vice president, advanced threat protection and email security, Symantec. “Behind the scenes, ICSP Neural will retrofit existing infrastructure with a central nervous system to provide protection for critical infrastructure.”
OT is mission-critical in industries such as energy, oil and gas, manufacturing, and transportation, but legacy systems are often outdated and nearly impossible to secure with traditional endpoint security. Companies have typically relied on unscanned USB devices to update these systems, increasing the potential for malware infection and targeted attacks.
The threat of cyber warfare – including physical damage and personal safety – is very real and the consequences are potentially devastating. Despite this, the industrial control systems that power critical infrastructure often run on outdated Windows systems leaving them vulnerable to both known and unknown threats. For example, the infamous Stuxnet worm used USB-based malware to manipulate centrifuges in Iranian nuclear plants – ultimately sabotaging a key part of the country’s nuclear program.
Simplifying the scanning process is critical to overall security hygiene, as operational technology environments are often in remote areas or field operations, far removed from an organisation’s IT teams. As such, the ICSP Neural scanning process requires no specific security or IT training. Once connected, ICSP Neural emits visualisations and real-time signals through the LED light ring that indicate when malware has been detected and sanitised.