Defending Valuable Corporate IP From Cyber Espionage
CHALLENGE
Keeping Trade Secrets and Formulas Confidential
In an environment of fierce competition over global market share, clinical trial results and manufacturing specifications can be just as valuable as patents and formulas.
In 2016, one of Europe’s largest pharmaceutical companies was the victim of IP theft. And, for more than a decade, the hacking group Winnti has been launching cyberattacks on pharma/healthcare and other industrial organizations. When activated, the malware program can find and send confidential corporate data back to the attackers.
Attacks can originate on the IT or OT side of the business, and spread throughout the pharma facility. For example, threat actors have found ways to compromise insecure OT systems connected to the IT infrastructure, to access valuable intellectual property.
To protect your competitive position and your reputation, it’s critical to keep product development plans, research findings and other confidential IP secrets well protected.
SOLUTION
A Comprehensive Approach to Detecting Cyber Risks and Threats
Nozomi Networks takes a multi-dimensional approach to identifying suspicious activity – whether it’s external or internal, accidental or intentional.
Through behavior-based anomaly detection and multiple types of signature and rules-based threat detection, the solution identifies unauthorized activity such as:
Remote Access
Downloads
Log File Deletions
Controller Logic Changes
Configuration Changes
Edits to PLC Projects and more
All threat detection results are correlated with operational context for detailed insight. For example, the solution checks baselines for network peculiarities such as VPN access and IP ranges assigned to known asset vendors. If activity occurs outside normal ranges, an alert is triggered.
When suspicious activity is identified, the solution sends high-priority alerts to pharma security and operations staff, who can then execute the incident response plan to contain or eradicate the threat.
