FireEye rolls out threat intelligence platform for industrial systems

13 Dec 2019

FireEye has announced the general availability of its new threat intelligence platform for physical systems, such as industrial control systems (ICS), operational technology (OT), internet of things devices, and other equipment used to manage interconnected physical processes.

FireEye Cyber Physical Threat Intelligence provides context, data, and actionable analysis on threats to cyber physical systems.

The subscription delivers in-depth analysis on cyber physical-focused malware and malicious tactics, techniques and procedures (TTPs), threat actors, threat activity, vulnerabilities and strategic insights.

This reporting is derived from frontline findings of industry-leading threat intelligence experts and FireEye Mandiant engagements, as well as deployed FireEye technology and an extensive worldwide network of FireEye sensors.

The company says that after 15 years of analysing cyber attacks, it has observed a consistent pattern across almost all OT security incidents.

This pattern indicates that there is significant overlap across TTPs utilised by threat actors targeting both IT and OT networks.

According to FireEye, the company’s observations can be summarised in what it calls the Theory of 99, which states that in intrusions that go deep enough to impact OT:

  • 99% of compromised systems will be computer workstations and servers
  • 99% of malware will be designed for computer workstations and servers
  • 99% of forensics will be performed on computer workstations and servers
  • 99% of detection opportunities will be for activity connected to computer workstations and servers
  • 99% of intrusion dwell time happens in commercial off-the-shelf (COTS) computer equipment before any Purdue level 0-1 devices are impacted

Further, FireEye has shaped its philosophy based on this expertise: visibility into network traffic and endpoint behaviours is as critical in preventing pivots to key assets in the OT network as it is in IT security. By drawing parallels between these intrusion methods, detection opportunities can be identified earlier.

FireEye’s SVP of global intelligence Sandra Joyce explains, “While the intersection of the virtual and physical worlds has led to revolutionary connectivity and instrumentation, these benefits also introduce new and complex risks.

“For organisations tasked with maintaining the security and continuity of these systems, FireEye Cyber Physical Threat Intelligence provides an early warning on critical vulnerabilities, and actionable intelligence on the adversaries targeting them.”

FireEye offers organisations an end-to-end solution for ICS and OT, inclusive of threat intelligence, consulting, and Managed Detection and Response (MDR) services, the company states.

This combination of in-depth insight into ICS threats, custom risk ratings with actionable recommendations, and continuous threat detection, asset modelling, and direct collaboration with FireEye OT security experts during high priority incidents presents a powerful way to identify areas of concern and accelerate response.
