Defending Valuable Corporate IP From Cyber Espionage

CHALLENGE

Keeping Trade Secrets and Formulas Confidential

In an environment of fierce competition over global market share, clinical trial results and manufacturing specifications can be just as valuable as patents and formulas.

In 2016, one of Europe’s largest pharmaceutical companies was the victim of IP theft. And, for more than a decade, the hacking group Winnti has been launching cyberattacks on pharma/healthcare and other industrial organizations. When activated, the malware program can find and send confidential corporate data back to the attackers.

Attacks can originate on the IT or OT side of the business, and spread throughout the pharma facility. For example, threat actors have found ways to compromise insecure OT systems connected to the IT infrastructure, to access valuable intellectual property.

To protect your competitive position and your reputation, it’s critical to keep product development plans, research findings and other confidential IP secrets well protected.

SOLUTION

A Comprehensive Approach to Detecting Cyber Risks and Threats

Nozomi Networks Solution: Alert Detail The Nozomi Networks solution takes a multi-dimensional approach to detecting cyber risks and threats. It uses both threat signatures and anomaly detection to identify attacks in process, and deliver clear, actionable information.

Nozomi Networks takes a multi-dimensional approach to identifying suspicious activity – whether it’s external or internal, accidental or intentional.

Through behavior-based anomaly detection and multiple types of signature and rules-based threat detection, the solution identifies unauthorized activity such as:

Remote Access

Downloads

Log File Deletions

Controller Logic Changes

Configuration Changes

Edits to PLC Projects and more

All threat detection results are correlated with operational context for detailed insight. For example, the solution checks baselines for network peculiarities such as VPN access and IP ranges assigned to known asset vendors. If activity occurs outside normal ranges, an alert is triggered.

When suspicious activity is identified, the solution sends high-priority alerts to pharma security and operations staff, who can then execute the incident response plan to contain or eradicate the threat.

Advanced Cyber Threat & Risk Detection

Vantage delivers advanced OT and IoT threat detection capabilities that help you proactively identify unauthorized access to your OT/IoT network, and reduce forensic efforts and response time. Threat Intelligence delivers ongoing OT and IoT threat and vulnerability intelligence, making it easy to stay on top of the dynamic threat landscape in your pharma environment.

Let's get started

Discover how easy it is to identify and respond to cyber threats by automating your IoT and OT asset discovery, inventory, and management.