Energy & Utilities
Energy and utility companies play a vital role in delivering essential services to millions of people and companies worldwide. It is paramount that their OT networks are adequately defended, as disruptions and breaches could have significant knock-on effects. Already, we have seen the outcomes of these kinds of attacks, such as the 2015 and 2016 cyber-attacks against the Ukrainian power grid which left approximately 230,000 people without power.
The complex nature of energy and utility infrastructures adds a further challenge when it comes to suitably protecting the critical services they provide. With both transmission and distribution networks to protect, as well as central and remote sites, the unique environment in which these companies are operating requires a higher level of visibility. In addition, new technologies such as smart meters and remote working tools continue to influence the evolving cybersecurity needs of the industry.
Regardless of network topology, Darktrace Industrial can provide complete visibility of RTUs, and remote OT such as substations and compressors. By monitoring from a central location, and deploying small probe appliances into substations, Darktrace Industrial models and protects entire power grids and utility systems.
Oil & Gas
In recent years, the oil and gas industry has seen rapid growth in terms of the digitalization of its operations. Whilst the benefits of this have been huge, it has significantly increased cyber-risk. Oil and gas companies must now protect connected field devices, sensors and control systems, as well as traditional devices, often in low-bandwidth and challenging environments.
As the complexity of industrial networks grow, and cyber-attacks on OT increase in frequency and sophistication, legacy tools are no longer sufficient. In 2017, the Ponemon Institute reported that 68% of companies in the oil and gas sector had experienced at least one cybersecurity compromise in the past year. Given the potential for loss of financial assets and the risks to employee safety, cybersecurity must be considered a priority.
Relied on by some of the largest oil and gas companies around the world, Darktrace Industrial helps cut through the complexity and proactively protect these infrastructures from the most advanced cyber-threats. Whether upstream, midstream or downstream, Darktrace Industrial can be deployed at every stage, to protect oil and gas production and transportation.
Recognizing the diverse and difficult environments that oil and gas companies operate in, Darktrace Industrial appliances can support low-bandwidth and remote environments through the use of ruggedized industrial probes. Remote deployments on rigs can include local modeling and analysis, as well as central correlation for security monitoring of all assets.
As manufacturers continue to innovate and integrate cutting-edge technologies into their day-to-day business operations, they are increasingly attracting more sophisticated attackers. From automated shop floors, to connected supply chains, the modern factory contains a large degree of interconnectivity between OT and IT systems. This level of interconnectivity allows business critical operations to run smoothly by enabling real-time analysis of data and processes.
However, this convergence of OT and IT has expanded the attack surface and opened new inroads for sophisticated cyber-attacks and insider threats. For this reason, it is essential for manufacturers to adequately protect their critical business operations, which if disrupted can lead to significant financial losses and reputational damage.
By deploying appliances in both the control system and the business network, Darktrace Industrial provides a single point of analysis, allowing security personnel to centrally monitor all network activity, from ongoing regular PLC traffic, to distributed IIoT sensor grids. Darktrace Industrial defends some of the most complex manufacturing environments around the world, including FMCG giants and leading pharmaceutical, chemical, and automotive companies.
The transport industry is undergoing a transformation of unprecedented scale fueled by the accelerated adoption of new technologies, from IoT to AI. From smart train tracking to monitoring for emerging weather risks to automating signaling infrastructures, these technologies have streamlined processes and increased efficiency, while also offering invaluable insights. Meanwhile, customer-facing technology, such as ePassport gates, ticket machines, and Wi-Fi networks have significantly enhanced passenger experience.
As technology becomes increasingly decentralized and autonomous, the challenge of securing the transport industry’s distributed infrastructures against cyber-threat whilst maintaining a high-level of service grows. The risks of disruption to physical assets, interruption of services, and data theft have never been greater. Yet traditional tools come ill-prepared for fending off novel and sophisticated threats, which frequently slip into networks undetected.
Darktrace Industrial defends some of the world’s most complex transportation environments across the globe, including leading organizations in the rail, aviation, and automotive sectors. Irrespective of whether the threat is posed by a malicious insider, a nation-state, or an organized group targeting OT environments, the Industrial Immune System enables transportation organizations to regain the advantage over fast-moving and silent cyber-threats.
Modern maritime networks are a mix of OT and IT environments, containing a wide range of systems from crew and passenger internet services, to ship automation, cargo handling and navigation systems. The digital era has created new opportunities for maritime, changing the way all aspects of the industry operate, be it ship traffic control in some of the busiest straits of the world, or automated shipyard inventories.
Whilst hugely beneficial for an industry so dependent on order and efficiency, the growing reliance on innovative tools has opened up new vulnerabilities for maritime. Substantial security weaknesses have been reported in critical technologies used for navigation and much of the industry continues to rely on legacy systems and aging operational technology.
For an industry which carries 95% of our trade, the results of a cyber-attack could be devastating. A breach in the maritime industry could lead to criminal activity such as theft or piracy, physical harm to people, cargos, and vessels, or the loss of commercial and personal data.
Darktrace Industrial can protect both shore-based port infrastructure and shipping fleets. By using either physical or virtual monitoring of individual ships, entire fleets can be visualized and defended from the mainland. Darktrace probes can relay telemetry over low-bandwidth satellite uplinks to provide real-time visibility and investigation – key capabilities for securing the maritime industry.
Smart City Infrastructure
An integral part of smart cities is the constant exchange of data through an immense network of internet-connected objects and services. From smart energy and smart grids, to IoT enabled fleets and devices, city infrastructures are continually collecting and analyzing data in order to pro-actively govern and make better use of resources.
With such a vast array of devices communicating constantly and connecting and disconnecting to and from different networks, the challenge of keeping the network secure is monumental. One weak link or compromised end-point could lead to a serious break down in functionality and efficiency.
As a result of this increasing digitization, municipal authorities now have to take responsibility for maintaining and protecting a wide range of IoT and OT devices. Whether from the cloud or locally, Darktrace Industrial can monitor the communications from edge devices to provide real-time visualization and protection for smart city infrastructure. Darktrace Industrial can build behavioral models for all forms of IoT devices, regardless of protocol or vendor to understand normal behavior of millions of disparate endpoints.
Jamie Hassan, Senior Technical Engineer at Suzuki GB, discusses how Darktrace gives 100% real-time visibility and better understanding of their digital enterprise.
Established in 1996, ZPower is a leading manufacturer of rechargeable, silver-zinc microbatteries. Faced with an unfamiliar and fast-evolving threat landscape that includes subtle attacks, insider threats, and ransomware, ZPower’s IT team sought to develop a robust security stack that could help mitigate these risks.
Established in 1963, BH Global Corporation Ltd is a Singapore SGX Mainboard-listed group providing a variety of services — including supply chain management and manufacturing — for companies in both the oil and gas industry and the maritime and offshore industry. BH Global also has a security division that provides Enterprise IT security services, night visions security, and infrared health screening. A leader in each of its sectors of business, BH Global provides integrated and advanced solutions collectively across multiple industries.
MACOM decided to deploy Darktrace’s award-winning technology across its complex network because of its unique ability to detect threats in real-time without requiring a priori knowledge. By establishing a ‘pattern of life’ specific to MACOM’s network, Darktrace allows the company to investigate any deviations from ‘normal’ behavior, which may be indicative of a serious breach. In this way, MACOM is kept up-to-date about its network activity and remains informed at all times.
This industry-leading furniture manufacturer was keen to defend itself from any potential compromise to its intellectual property and designs, its confidential corporate information, or its sensitive customer data. Furthermore, the company was increasingly aware of the limitations of perimeter defenses and legacy approaches, which are unable to detect insider threat or zero-day exploits. Darktrace allows Steelcase the robust cyber security needed to protect its operations and its customers in today’s sophisticated threat landscape.
Saniflo is a French-owned subsidiary of leading global manufacturer SFA Group, selling plumbing technology for residential and commercial premises. Eager to maintain its reputation for technical expertise and quality of service, Saniflo was looking for a cyber security solution capable of keeping up with a constantly evolving cyber threat landscape that could also provide full network visibility.
Founded in 1917, Sunsweet is the world’s largest manufacturer of dried fruit, controlling more than a third of the global prune market. In order to help secure the sensitive data of nearly 300 grower-members, Sunsweet deployed Darktrace to detect emerging threats in real-time. By relying on the latest advancements in unsupervised machine learning and artificial intelligence, Sunsweet has boosted its productivity while enjoying greater confidence in its ability to stay abreast of a threat landscape that is increasingly characterized by speed, sophistication, and automation.
In an effort to protect its foundational intellectual property as well as its sensitive customer, employee, and partner information, Aqua-Leisure deployed Darktrace’s self-learning technology, whose cyber AI can detect the subtle threats that legacy tools miss. Because that AI is constantly evolving its understanding of ‘normal’, it autonomously grows and adapts as the Aqua-Leisure expands, making it a profoundly low-maintenance solution.
As a key transportation hub, Birmingham International Airport forms part of the United Kingdom’s critical national infrastructure, rendering it particularly susceptible to devastating cyber-attacks. Its Head of Information Security, Wayne Smith, describes how Darktrace has bolstered its IT security team by identifying such attacks to protect the airport’s over 10 million annual passengers.
H&M International Transportation
H&M manages nearly two million containers every year and provides a range of services — including steamship lines, intermodal trucking, and warehousing — to facilitate effective supply chain management. The company’s attack surface was rapidly expanding as its scope of operations widened, and, having positioned itself as an early champion of increased integration in the industry, it placed paramount importance on adopting a proactive approach to cyber security.
Transport systems are becoming increasingly interconnected via digital applications, making them more susceptible to cyber-attacks. FirstGroup was aware that these new attack vectors rendered its critical systems and networks vulnerable to today’s fast-evolving cyber-threats, and it decided to deploy Darktrace’s technology into the core of its network to better defend itself against even unknown adversaries.
Milan-Bergamo Orio al Serio International Airport
The digitization of airport practices creates potential vulnerabilities and possible entry-points for cyber adversaries. This is a pressing concern for Orio al Serio International Airport, which, as part of Italy’s critical national infrastructure, is already a likely target for malicious attacks. As such, the airport was keen to strengthen its cyber defense strategy with the latest, most innovative cyber technology available. After deploying Darktrace’s immune system technology, Orio al Serio International Airport now receives intelligent alerts flagging genuinely anomalous behavior, which may be indicative of cyber-threat, in real time.
A Dubai-based logistics provider to the oil industry, Tristar needed a cyber defense solution which was able to scale and adapt to their fast-growing business. Darktrace Antigena gives Tristar the threat detection and autonomous response capacities to protect its sensitive customer data and operational systems. Darktrace also provides the visibility needed to maintain Tristar's hybrid digital infrastructure.
The stakes of cyber-threats in this sector are high given the serious ramifications of an attack for national critical infrastructure. As a large company with a global customer base, Apave has many users on its network at all times. Given the limitations of traditional legacy tools in detecting novel attacks and insider threats, the company sought to invest in cyber AI technology to identify subtle deviations indicative of a threat across its entire digital infrastructure.
This leading Canadian local distribution company was concerned about fast-moving and automated threats like ransomware that have the potential to compromise its network within minutes. By arming itself with Darktrace’s innovative self-learning technology, Energy+ has renewed confidence in its security stack’s ability to mitigate evolving and increasingly automated attacks.
Bassadone Automotive Group
Founded in 1904 and based in Spain, Bassadone Automotive Group is an importer and retailer of several car brands. It is Gibraltar’s leading vehicle importer, possessing a one third market share. In search of a cyber security solution capable of real-time threat detection, Bassadone Automotive Group partnered with Darktrace to stay a step ahead of today’s cyber-threats.