Kaspersky has developed a secure approach to protecting nuclear power plants from the very beginning. Industrial control systems (ICS) are used to run modern critical infrastructures, including power stations and nuclear power plants. These objects operate at constant risk of cyberattacks. According to the statistics announced by Kaspersky ICS CERT at Cyber Security Weekend – META 2023, attacks were detected on 2023 percent of ICS computers in Turkey in the first quarter of 35,7, which is 2022 percent more than in the first quarter of 7,6. more. To protect nuclear power plants from cyber threats, Kaspersky has developed a unique secure design approach that eliminates the possibility of cyber attacks affecting infrastructure.
Kaspersky's secure design approach involves the use of different types of cybersecurity solutions in nuclear power plants, including network firewalls, data diodes, monitoring solutions, intrusion detection systems, endpoint protection, operational technology and IoT cybersecurity, and cybersecurity for networks and nodes. A secure design approach means building an IT-supported system (or facility) from the ground up to protect against malicious cyber-attackers' access to devices, data, and connected infrastructure. This approach relies on the inherent security of the system. Because the system has to stay in a safe and secure state throughout its lifetime and reduce the cost of high-quality protection.
Kaspersky has developed a complete set of documentation for the implementation of secure IT infrastructure from design in nuclear power plants. Kaspersky's risk management approach encompasses the selection of contractors, equipment, hardware and software, and takes into account existing attack tactics and techniques as well as new computer threats. The documentation includes a description of a nuclear power plant IT architecture, relevant recommendations, and ensuring cybersecurity and information security over the long lifecycles of nuclear power plants.
Approach to the protection of nuclear power plants
Ekaterina Rudina, Group Leader of Security Analysis at Kaspersky ICS CERT, said: “We use protection solutions that are traditionally 'on top' or 'plug-ins' on our computer at home or in the office. These do a good job of protecting us from this level of attack. But in the case of nuclear power plants, the approach to their protection must be different. Nuclear and radiological safety is determined by facility availability, reliable electricity supply, cybersecurity, among other factors. Nuclear power plant protection should be planned comprehensively in the early stages of plant design. Kaspersky's approach to nuclear power plant cybersecurity complies with all standards and recommendations of international organizations, including the International Atomic Energy Agency (IAEA).
Kaspersky experts made recommendations (even if not designed with security in mind) to protect power plants and other critical infrastructures from a variety of threats:
Perform regular security assessments of operational technology systems to identify and eliminate potential cybersecurity issues.
Make timely updates for key components of the OT network. Implementing security updates and patches or implementing remedial measures as soon as technically possible is critical to prevent major incidents that could cost millions due to production interruptions.
Establish ongoing vulnerability assessment and triage to lay the foundation for an effective vulnerability management process. You can stay up to date with Kaspersky ICS CERT's unique ICS Vulnerability Data Feeds with comprehensive and timely information.
Protect Industrial Automation and Control Systems with an ecosystem of custom, certified and locally integrated products and comprehensive services. Specialized solutions such as Kaspersky Industrial CyberSecurity can become an effective tool for maturely detecting and responding to cyber attacks against industrial environments.
For additional information for your security operations center, consider the analytical reports on ICS threats and threat feeds in the Kaspersky Threat Intelligence Portal
Improve response to new and advanced malicious threats by developing and strengthening your teams' incident prevention, detection, and response capabilities. Dedicated OT security training for IT security teams and OT personnel is one of the key measures to help achieve this.