Defending the Mine Against Malicious Data Theft
CHALLENGE
Keeping Confidential Corporate Information Confidential
In a world of fierce competition over dwindling accessible reserves, corporate data can be just as valuable as gold or diamonds.
In 2016, one of North America’s largest gold producers was the target of a cyberattack where a significant amount of corporate and personal information, including budget and payroll data, was held for ransom. When hackers didn’t receive the payoff, they posted the information online for all to see.
Cyber espionage could be an added threat if a mine operator wanted to gain unfair advantage in M&A negotiations or when bidding for drilling rights.
To protect your competitive position and your reputation, it’s critical to keep IP, business plans, financial performance and other confidential operational data under wraps.
SOLUTION
A Comprehensive Approach to Detecting Cyber Risks and Threats
Nozomi Networks takes a multi-pronged approach to identifying suspicious activity – whether it’s accidental or intentional.
Through behavior-based anomaly detection and multiple types of signature and rules-based detection, the solution identifies unauthorized activity such as:
Remote Access
Downloads
Log File Deletions
Controller Logic Changes
Configuration Changes
Edits to PLC Projects and more
All threat detection results are correlated with operational context for detailed insight. For example, the solution checks baselines for network peculiarities such as VPN access and IP ranges assigned to known asset vendors. If activity occurs outside those ranges, an alert is triggered.
When suspicious activity is identified, the solution sends high-priority alerts to mine security and operations staff, who can then execute the incident response plan to contain or eradicate the threat.
