Detecting Cyber Attacks on ICS Networks

Critical Path Security is proud to announce that it has extended the Léargas passive security platform’s capabilities to include monitoring for ICS networks!

This release includes signatures and detections for both the Modbus and DNP3 protocols, which are commonly used to manage power plants, oil pipelines, water treatment facilities and manufacturing plants. In these environments, a single errant function call can ripple through vital systems, causing failures and creating potentially dangerous situations.

Our new signatures and detections enable Léargas to highlight potentially dangerous communications and identify malformed packets in real time, without the need to install an agent on a single endpoint!

These signatures and detections are mapped to the 7 stages of the Lockheed Martin Cyber Kill Chain: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control, and Actions on Objectives. Unlike the common CVSS scoring system, this rating structure provides insight into an attack as it progresses through an environment and enables prioritization of response and remediation to reduce the overall impact.
