Symantec neural network to protect ICS from USBs
Symantec ICSP Neural will protect from threats on USB drives in use in industrial systems
Symantec has announced a neural network solution to protect industrial control systems and operational technology.
The Industrial Control System Protection (ICSP) Neural solution is a neural network-integrated USB scanning station that will scan USB devices to detect malware and other threats.
USB drives are still commonly used for updating industrial control systems, and are still a common threat vector for attacks against such systems.
The Symantec ICSP Neural solution utilizes artificial intelligence to prevent known and unknown attacks on IoT and OT environments by detecting and providing protection against malware on USB devices. ICSP Neural stations scan, detect USB-borne malware, and sanitize the devices.
The ICSP Neural scanning process has been designed to be simple to use, requiring no specific security or IT training. Once connected, ICSP Neural emits visualizations and real-time signals through the LED light ring that indicate when malware has been detected and sanitized.
The Symantec-designed neural engine harnesses the power of Symantec's world-class threat intelligence network to increase detection efficacy by up to 15%. It also detects adversarial machine learning attempts and initiates self-learning to provide protection against unknown threats. The AI-powered technology can learn in real-time, leading to sustained efficacy with limited internet connectivity - up to twice as long. These artificial intelligence and organic self-adaption capabilities can protect organisations against emerging and future attacks. The neural engine enables high-intensity detection with near-zero false positives, the company says. These capabilities are accomplished using just a tenth of the bandwidth of other similar solutions - an indispensable feature for systems using VSAT connections.
ICSP Neural supports a full range of OT and IoT devices and systems. The optional enforcement process prevents use of unscanned USBs with less than a 5MB installation footprint and can be deployed on operating systems from Windows XP to Windows 10 (Linux support is planned in 2019).
"USB devices are given away at events, shared between co-workers, and reused again and again for business and personal use, introducing the risk of accidental or malicious infection. The impact of connecting an infected device to a critical system can be devastating," said Patrick Gardner, senior vice president, advanced threat protection and email security, Symantec.
"Behind the scenes, ICSP Neural will retrofit existing infrastructure with a central nervous system to provide protection for critical infrastructure. On the front end, a rugged aluminium design embodies a simple, intuitive user experience that clearly highlights potential threats."