Using machine learning to identify cyber campaigns targeting critical infrastructure

Darktrace has created a new business unit, Darktrace Industrial, dedicated to identifying emerging and existing compromises on industrial systems and critical infrastructure networks.

Threats to critical infrastructure are garnering worldwide attention. Recently, the U.S. government issued a rare public warning that sophisticated threat actors are targeting energy and industrial firms. In addition, the European Union Network and Information Security (NIS) Directive introduced security requirements as legal obligations for operators providing essential services, including industrial automation control systems and connected devices.

The latest update of Darktrace Industrial Immune System, version 3, can detect silent and subtle attacks on control systems with new capabilities including:

  • New mathematical techniques focused on detecting low and slow attacks
  • Powerful ways to analyse and visualise ICS zone structures
  • Improved detection of compliance breaches within OT environments
  • Expanded support for legacy industrial systems and non-traditional IT, such as IoT

Industrial environments, reliant on legacy bespoke systems, face new security challenges such as connected industrial devices, sensors, remote maintenance repair operations, and increasing connectivity to IT environments. Darktrace’s self-learning approach understands the normal ‘pattern of life’ for every operator and device automatically, without requiring agents or knowledge of operating systems.

“With increased digitisation and the rise of the Industrial Internet of Things, the need for cyber security within operational environments has never been higher,” said Andrew Tsonchev, director of technology at Darktrace Industrial. “Darktrace has a four-year investment in the Industrial Immune System, the world’s first and only proven machine learning technology capable of detecting emerging attacks on OT environments, including ‘low and slow’ attacks, and ‘unknown unknowns’.

“Darktrace Industrial will enable the accelerated adoption of this pioneering technology, which already defends some of the world’s most complex industrial control environments from nuclear plants to power grids,” he added.