They say, anything which is programmable, is hackable. And this is not only true for the world of information technology (IT), even operational technology (OT), which runs, controls and supervises new-age industrial processes, faces cyber-attacks with potential for disrupting normal functioning of plants and manufacturing units. In some cases cyber-attacks can physically sabotage the targeted industrial entities. The infamous cyber-attacks on Iran’s nuclear plants, which mechanically crippled innumerable centrifuges, amply showed to the world the mayhem cyber assaults can bring to critical infrastructure. The widespread black-out in Kiev, Ukraine, had also been attributed to the nasty designs of cyber criminals. The world faces real threats.
As nations around the globe strive for automating their industrial sector—more so their critical infrastructure covering power generation & distribution; nuclear facilities; oil & gas installations; space programme centres; transportation; and pharmaceutical sector among others—parallel anxiety brews regarding the safety and security of their assets. The SCADA (supervisory control and data acquisition) and PLC (programmable logic controller) systems, which constitute the core of industrial automation, come under increasing attacks unleashed by cyber crime syndicates and even rival nation states. Sadly all these harbinger the arrival of a definitive era of cyber-warfare, where industrial control systems (ICS) come under increased attacks.
Given such scenarios, many of the cyber security technology providers have come forward for defending OT piece of critical infrastructure; however, Russia’s kaspersky Lab has taken much concerted efforts by bringing in ‘well structured’, ‘OT-specific’, cyber-security products & solutions which defend SCADA as well as PLC systems against cyber-attacks. Packaged as KICS (Kaspersky Industrial CyberSecurity), the new solution offerings cover vulnerability assessment of industrial control systems (ICS), security software products, their deployments, and sustained post-deployment services provisions.
In terms of software offerings, there are two distinct product suites—one is ‘KICS for Nodes’, which protects the SCADA nodes; and the other is ‘KICS for Networks’, which defends the inner OT networks. The SCADA nodes actually connect IT with OT; while the inner OT networks connect SCADA with PLC modules deployed at different locations on the industrial premises.
The Indian scenario is not different from the rest of the striving world as the nation has embarked on automating its critical infrastructure; rather, its industry sector as a whole. Quite recently, Kaspersky Lab has launched its industrial security solutions in India with great fanfare. For that Vicente Diaz, Principal Security Researcher, Global Research & Analysis Team (GReAT) of Kaspersky Lab, Barcelona (Spain), specially flew down to India. The company’s APAC headquarters based out of Singapore, which also controls Kaspesky Lab’s India operations, is equally excited, and in fact, has appointed two resources for addressing this new market segment—Vikram Kalkat, a former IBM veteran, has been roped in as the Senior key Account Manager, KICS Global Business Development; while Vineet Kumar Gupta, a former employee of industrial automation solutions provider, ABB, as Presales Manager, Kaspersky Lab, APAC. However, both of them work with perfect synergy with South Asia’s MD, Altaf Halde, who aspires to lend credible cyber security postures to India’s critical infrastructure entities.
In a recent interaction with Digital Edge, Vicente Diaz of Kaspersky Lab said that securing critical infrastructure had become the number one priority for countries having automated industrial set-ups. “In the last few years, stances of highly blended and targeted cyber-attacks on industrial units have gone up. And India is not an exception”, viewed Diaz. On the other hand, Altaf Halde of Kaspersky Lab, believes that the kind of security solutions his company carries can effectively protect critical infrastructure in India.
However, there has been an eerie realization by the team Kaspersky Lab that most of manufacturing and processing companies don’t grasp the urgency for protecting their automated operations. “There is a huge gap in the awareness level on the part of CIOs, CISOs and even floor managers of industrial units on the issue of protecting their industrial automation systems against cyber-attacks. In APAC region, the dearth of awareness is simply alarming”, said Kalkat.
Now, for addressing this new market domain, Kaspersky Lab has started to train its existing enterprise partners who can offer Kaspersky Lab’s OT security solutions as well. The other strategy the company has adopted is to engage with OT channel partners who sell SCADA and PLC systems in the Indian market. “We would heavily engage OT channels for taking our KICS range of security software products & solutions to the industrial automation market in the country”, revealed Kalkat.