Cyber security is in demand in every sector
As a rule, all companies are affected by cyber risks
IT is used in almost every company, in the context of which cyber threats are a global risk which can cause damage in any company.
There should also be an awareness for risk in the manufacturing environment.
Attacks to critical infrastructure are especially challenging to manufacturing companies in cases in which cyber attacks lead to the failure of process IT systems and it is no longer possible to manufacture products, which naturally has a negative financial impact.
Various cyber attacks that have occurred in recent times appear to show that infrastructure is becoming an increasingly frequent target for hackers. Systems in the following areas are thought to be particularly critical:
- Utilities infrastructure – especially for water and electricity (intelligent networks, for example)
- Transport control systems (road, water and air transport)
- Medical supply systems
- Control systems (nuclear power stations, for instance).
- Telecommunications
In the worst case scenario, cyber risks pose a risk to human life
Furthermore, cyber risks also have a personal impact on the individual. In manufacturing systems, interruptions caused by malware in IT systems don’t just lead to manufacturing downtimes, they can also cause employees to suffer accidents, which can even cost lives. The risks which can arise due to cyber threats aren't only of relevance to manufacturing companies.
Office IT can also have insufficient protection.
The increased internal networking of data communications is leading to an increasing number of new IT security risks in the governmental sector in particular. Security risks such as denial of service attacks, the manipulation of data and systems or phishing can cause considerable damage in office environments and the governmental sector. But that’s just the tip of the iceberg: the attacks are becoming increasingly targeted, and are using methods and tools which conventional IT security solutions are unable to detect or prevent. Patch management, virus protection, firewalls and intrusion prevention systems (IPS) are only of limited value for the protection of the office IT. A general problem is that additional know-how or more time and effort needs to be devoted to the solutions so that they can provide sustainable protection against attacks. An alternative approach is therefore required which is able to supplement the current security technologies to a satisfactory degree.
The principle of the honeypot appliance: Virtual bait aims to attract and challenge hackers
Honeypots work according to a simple principle: they provide the hacker with access, but only to a limited extent. They are a kind of resource, the value of which is that they are attacked because they are thought to be part of the network. This means that they are bait which can be distributed liberally around the network. Honeypots can also be of noteworthy benefit at the internal level, as they are typically positioned internally in great number. It offers typical services and links several IP addresses without bringing about performance problems. Sometimes, the notification that a certain system has made a connection attempt is sufficient.
The honeyBox® makes up to 40,000 of these virtual honeypots available. The security notifications of honeyBox® are gathered centrally and the administrator is notified. The notifications can be evaluated according to differing criteria via a secure HTTPS connection in the browser. This makes the possibility of a targeted drill-down available. The notifications can also be forwarded to third party systems (e.g. via syslog).
Further information about the operating principle of the honeyBox® is available here.
The honeyBox® can offer you the following:
- a reliable detection of attacks to networks and a very rapid detection of viruses with the monitoring of up to 80 sub-networks on a single device (honeyBox® enterprise with VLAN support)
- no compromises to the network availability and virtually no false positives
- straightforward integration, limited operating costs and no changes to the network infrastructure necessary