At present, cyber threats against circuit transmission networks are rapidly escalating, and attacks against SCADA systems in particular are becoming more and more common. It is almost impossible to resist every "state-of-the-art" cyber attack, so "containment" measures are very important.
According to the latest report from Dell's security department, the number of cyber attacks on supervisory control and data acquisition (SCADA) systems nearly doubled last year, and has increased by nearly six hundred percentage points compared to 2012. Although these data are very alarming, another key research result is even more disturbing: physically destructive attacks are becoming more and more common. In fact, in all network security incidents last year, 25% of network attacks were aimed at SCADA systems. These specific types of attacks can shut down mechanical equipment in industrial systems, and may also physically damage the equipment. Researchers speculate that such attacks will become more serious in the next few months, and even in the next few years. In addition, the United States will become the third country in the world most affected by such attacks. The Industrial Control System Cyber Emergency Response Team (ICS-CERT) of the U.S. Department of Homeland Security has similar findings. They found that attacks on critical industrial infrastructure are increasing. Among all attack targets, the energy industry is the most affected by this type of attack (accounting for 32% of all attacks). Moreover, denial of service (DoS) attacks have become a favorite of attackers.
Why are these sophisticated attacks becoming more frequent now?
Mainly for the following two reasons:
The first is hackers. Hackers collude with foreign governments and conduct organized cyber crimes.
Secondly, power companies are the most important targets of all groups. Taking into account various political factors, attackers can make huge profits from attacks.
So in the next few years, such attacks will become more frequent, and the consequences will become more and more serious.
Stealthier attacks:
The power company's IT team is probably most familiar with "phishing" emails and "botnets", because these two are the most likely to infect their network systems. However, these attacks will escalate and become more complex, purposeful and concealed. Under normal circumstances, major organizations should pay special attention to the following two types of attacks: "cross-site scripting attacks" and "drive-by attacks". Both types of attack use legitimate websites to invade a company's internal network; we will not go into too many technical details here. But how is this achieved? A vulnerability exists in a legitimate website (it can be a well-known website, a new website, a technical forum, etc.) that allows an attacker to execute malicious code and to implant malicious software in the website, so that any user who visits the website can be infected. The only requirement for a "drive-by attack" is that a company employee visits the infected website. In a cross-site scripting attack, a company employee is infected when they click on a legitimate link attached to an email.
Attackers are also more inclined to attack an employee's home computer system. The attacker can steal user credentials stored on a home PC or infect a removable media storage device (such as a USB flash drive), because the employee is likely to bring these devices to the workplace.
Destructive malware:
Malware is also constantly evolving. There is now malware more destructive and powerful than anything we have seen before. Many people may be familiar with the name "Stuxnet". This is a complex worm. It is the world's first destructive virus written specifically for industrial control systems, and it has infected industrial systems and individual users in many countries and regions. Of course, there are many other kinds of viruses, worms, and Trojan horses that can disable some functions of physical devices. The two most important types are "wipers", which can erase all data on a computer or device, making the target device completely unusable, and "encrypting malware", which does not delete the data on the device but encrypts it with an encryption method that is almost impossible to crack. In layman's terms, the purpose of encrypting malware is to "blackmail" users.
Denial of service:
In addition to malicious software that can disrupt the daily operations of the factory, there are a large number of web attacks that can do the same. The two most common ones are the "buffer overflow", in which an attacker performs a flood attack on the network and paralyzes the network system, and the "distributed denial of service attack", which uses a large number of reasonable service requests to occupy too many service resources, so that legitimate users cannot get a response from the service and the system is paralyzed. The fact is that your factory is vulnerable to these types of attacks. According to a report from the Department of Homeland Security, researchers have found that these are the most common vulnerabilities in industrial facilities.
Deploy effective defense measures:
As these attacks become more and more complex, it is even more important for company managers, as part of their active cyber defense, to focus on damage handling and control measures after an attack occurs.
Defending against every "state-of-the-art" cyber attack is almost impossible, so "containment" measures are equally important.
Available defensive measures include performing security audits on outdated or unpatched systems, deploying corresponding anti-virus software on personal workstations, network servers, and web applications, and so on. For example, is any device running the Windows XP or Windows Server 2003 operating system connected to your network? In your industrial production environment, you also need to install modern firewalls and malware detection tools, set up email whitelists, and set up firewalls that can actively monitor suspicious network activities (such as data leakage). All removable/portable media storage devices are prohibited from entering the workplace; this means that USB flash drives, smart phones, tablet computers and other such devices are not allowed in.
Containment measures after a security incident are also crucial. You need to ensure that all critical industrial systems are air-gapped. Then learn how best to separate that network from the network systems of other domains. Network segmentation is critical, because when a computer in the network is infected, it cannot infect the entire network system. You should also consider adopting an "access control" strategy: a single company employee should not have too many permissions to access company data, systems, and key business functions. At the same time, you need to check the program logs of your industrial systems frequently. This is very important, because any network incident will be fully recorded, so that the incident response team can determine the type of attack and the extent of the damage it caused.
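The segmentation and log-review advice above can be checked mechanically. The following is an added example, not part of the original article: it audits flow-log lines against a zone policy and reports any traffic that crosses segments outside an approved conduit. The zone ranges, allowed conduits and log lines are all constructed for illustration.

```python
import ipaddress

# Constructed zone map (assumption); real zones come from your own network design.
ZONES = {
    "corporate": ipaddress.ip_network("10.10.0.0/16"),
    "dmz": ipaddress.ip_network("10.20.0.0/24"),
    "control": ipaddress.ip_network("10.30.0.0/24"),
}
# Approved conduits (assumption): (source zone, destination zone, destination port).
ALLOWED = {
    ("corporate", "dmz", 443),    # office users reach a reporting server in the DMZ
    ("dmz", "control", 44818),    # data collector polls controllers
}
# Constructed flow log: timestamp, source IP, destination IP, destination port.
SAMPLE_FLOWS = """\
2024-01-05T08:00:01 10.10.4.17 10.20.0.5 443
2024-01-05T08:00:09 10.20.0.5 10.30.0.11 44818
2024-01-05T08:02:40 10.10.4.17 10.30.0.11 502
2024-01-05T08:03:12 10.30.0.11 10.30.0.12 502
2024-01-05T08:05:55 203.0.113.9 10.30.0.11 3389
"""

def zone_of(ip):
    """Return the name of the zone containing ip, or 'external' if none does."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"

def audit_flows(log_text):
    """Return flows that cross a zone boundary without an approved conduit."""
    violations = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        ts, src, dst, port = parts
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        if src_zone == dst_zone:
            continue  # traffic inside one segment is outside this check
        if (src_zone, dst_zone, int(port)) not in ALLOWED:
            violations.append((ts, src_zone, dst_zone, src, dst, int(port)))
    return violations

if __name__ == "__main__":
    for v in audit_flows(SAMPLE_FLOWS):
        print("segmentation violation:", v)
```

On the constructed log, the two reported flows are the office workstation reaching a controller directly and an outside address reaching the control zone, which are exactly the paths segmentation is meant to close.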