An Industry Under Siege
The 2010 Stuxnet attack that crippled 14 industrial sites in Iran and recent attacks against 10 major US energy companies speak to how vulnerable oil, gas, and utility companies are to cyber attacks. The consequences of these attacks are serious—potentially resulting in massive outages that could affect a wide geographical area and large populations. Typically, these attacks are motivated by politics rather than profit. Many of these incidents are acts of espionage, terrorism, and hactivism.
In the global energy sector, poorly secured endpoints are susceptible to both opportunistic attacks (drive-by-downloads or Trojans) and well-orchestrated advanced persistent threats (APTs) and spear-phishing attacks. Other risk factors include a high degree of Internet connectivity, complex infrastructures, and ineffective legacy security technologies.
Challenges: Evasive, Targeted Attacks
- Increasing zero-day and targeted attacksUnknown, targeted attacks commonly have the energy sector in their crosshairs. These attacks are polymorphic and use advanced evasion techniques, so they are able to bypass antivirus and other signature-based solutions.
- Ineffective layered securityBeyond antivirus and firewalls, energy companies often deploy a layered defense strategy that may include intrusion prevention, application whitelisting, secure Web gateways, and more. These systems are complex and costly, can limit user productivity, and require expert management. Because they are largely based on legacy detection technology, they are ineffective against stealthy, targeted attacks that can find their way to the corporate network primarily via endpoints.
- Uncontrolled endpointsMost energy companies rely on multiple suppliers for their automated equipment and not all have guidelines that address contractor access to systems.
Bromium: Removing the Attacker's Beachhead
Bromium’s revolutionary isolation approach is far more effective than detection-based solutions like antivirus, whitelisting, Web gateways and sandboxes. Bromium eliminates the attack pathway into the network—attackers cannot get past the endpoint to perform surveillance, steal credentials, establish persistence or ultimately compromise critical systems.
- Prevent breachesOur breakthrough isolation technology creates a disposable micro-virtual machine for vulnerable operations, like Web browsing or opening documents or attachments. Tasks are isolated from the host system, so there’s no need for detection or behavioral analysis—and the possibility of compromise is eliminated. If malware is on the website or in a document, it is contained in our micro-virtual machine, and it is discarded when the task or session is complete, so your endpoint, your network, and your infrastructure are not compromised.
- Click on anythingEnergy workers can put their attention on their work, without worrying about security—even if they make errors or use vulnerable applications.
- Streamline securityInvesting in additional layers of security and hiring more IT staff is no longer necessary. Your current IT team is relieved of the burden of urgent security patching and remediation, enabling them to spend their time on mission-critical projects.