Defending the Mine Against Malicious Data Theft

The Challenge

Keeping Confidential Corporate Information Confidential

In a world of fierce competition over dwindling accessible reserves, corporate data can be just as valuable as gold or diamonds.

In 2016, one of North America’s largest gold producers was the target of a cyberattack where a significant amount of corporate and personal information, including budget and payroll data, was held for ransom. When hackers didn’t receive the payoff, they posted the information online for all to see.

Cyber espionage could be an added threat if a mine operator wanted to gain unfair advantage in M&A negotiations or when bidding for drilling rights.

To protect your competitive position and your reputation, it’s critical to keep IP, business plans, financial performance and other confidential operational data under wraps.

The Solution

A Comprehensive Approach to Detecting Cyber Risks and Threats

Nozomi Networks takes a multi-pronged approach to identifying suspicious activity – whether it’s accidental or intentional.

Through behavior-based anomaly detection and multiple types of signature and rules-based detection, the solution identifies unauthorized activity such as:

Remote AccessDownloads
Log File DeletionsController Logic Changes
Configuration ChangesEdits to PLC Projects and more

All threat detection results are correlated with operational context for detailed insight. For example, the solution checks baselines for network peculiarities such as VPN access and IP ranges assigned to known asset vendors. If activity occurs outside those ranges, an alert is triggered.

When suspicious activity is identified, the solution sends high-priority alerts to mine security and operations staff, who can then execute the incident response plan to contain or eradicate the threat.

Click to enlarge.

The Nozomi Networks solution uses a multi-dimensional approach that considers both network connections and process state to identify cyber security and process reliability threats in real-time

Advanced Cyber Threat & Risk Detection

Guardian delivers advanced ICS threat detection capabilities that help you proactively identify unauthorized access to your OT network, and reduce forensic efforts and response time.

More Operational Visibility & Cyber Security Challenges

Effectively Monitoring My SCADA Networks

To optimize the use of raw materials, production schedules and logistics, I need visibility into – and data out of – my ICS networks.

Proactively Identifying Equipment Wear

A truck can cost $5M. A single tire, $60K. I need to know if any component is approaching burnout before it disrupts process stability.

Segmenting My OT Network for Better Resiliency

To prevent perimeter breaches from spreading, I first need visibility into my network structure, and insight into where vulnerabilities lie.


Want to Know More?