The Israel Electric Corporation (IEC), one of the most attacked critical infrastructures worldwide, developed the E-Layer to counter cyber aggressions and, for the first time, shares it with international partners.
The Israel Electric Corporation (IEC), one of the most attacked critical infrastructures worldwide, is sharing its knowledge of cyber security and cyber defense with international partners for the first time. It is called E-Layer and it is a cyber shield. In 2017 IEC experienced millions of attacks every month (more or less 5.5 million), with an average of around 1,100 new threats per month and a peak of around 4,200. Furthermore, the number of new types of cyber attacks and their mutations is growing. Sophistication is increasing constantly, with techniques such as “click-less” infection, enhanced “worm” spreading mechanisms, “living off the land” (using legitimate system tools instead of inserting malicious code), and RDP (Remote Desktop) protocols. There is also a significant increase in the use of ransomware, by cybercrime and by state-sponsored actors conducting cyber warfare operations.
The concepts on which the IEC Extra Layer is based
The concepts on which the E-Layer is based are few but sensitive. Cyber attacks can happen anywhere and can use any path to penetrate the targeted organization. Furthermore, the border between IT and OT is no longer clear: there is no real dividing line between them. OT systems are the main penetration goal, but the penetration highway runs through IT systems. Moreover, OT systems are less and less unique and are increasingly based on commodity components and standard protocols. Privacy and the supply chain are becoming the main cyber-attack enablers. IEC analyzed all these factors and created the cyber shield to counter them and make companies resilient in any case.
Why the E-Layer is an extra kick for organizations: from Cyber Security Architecture Design, with an emphasis on critical infrastructures (SCADA), to the client-tailored Incident Response Program
The IEC E-Layer offers multiple services that can be added to the ones already in place in an organization. Cyber Security Architecture Design, with an emphasis on critical infrastructures (SCADA systems), to protect the organization's assets against cyber attacks (from a single plant to a country-level Cybersecurity Masterplan Architecture). Cyber Security Policy Development aligned with the regulatory landscape of the organization (management vision). A cyber security Master Plan that integrates all of the above in a general plan, including both legacy assets and the recommended avenues of interest for future development. A client-tailored Incident Response Program for hedging against cyber attacks and recovering faster, with or without training of an in-house Incident Response Team, including all the relevant functions in the organization. Implementation plans, including a time-scheduled implementation program for bridging the gaps recognized by IEC's experts.
From Gap and Risk Analysis to the implementation of the client Security Operation Center (SOC)
Furthermore, the IEC Extra Layer offers Gap and Risk Analysis, based on careful domain review and risk assessment of the organization's IT and OT infrastructures, integrating international standards and regulations with IEC's own methods. It also offers General Owner's Engineer/Independent Advisor services: an independent, vendor-agnostic advisor counselling the client on the best-suited solutions on the market. As integrator, the company aims to design and create an integrated cyber defense layer of systems, processes and tools, configured on the basis of the company's battle-proven experience, and to minimize the attack surface by eliminating unnecessary vulnerabilities. Finally, it covers the design and implementation of the client's own Security Operation Center, which will collect all the cyber events in one place and implement a unique correlation engine based on user behavior analysis. The solution is supplied as an on-premise SOC or as an MSSP (in the cloud), together with IR team methodology and deployment.