Dec 11, 2024

Protecting Critical Infrastructure

The Tip of the Iceberg

The water supply of the United States is at serious risk. The article following the above headline from SC Media reports that: “the OIG [Office of Inspector General] found that the EPA does not have an incident reporting system that water and wastewater systems around the U.S. could use to notify the EPA of cyber incidents.”

However, that problem is only the tip of the iceberg. The danger is far more severe than that. Not being able to report on an incident to the EPA is one thing. Not being able to detect an attack before it is too late is even more serious. If you can’t detect an attack immediately upon penetration, you cannot protect your environment.

A Source of the Problem

Unfortunately, the inability to detect cyber-attacks against critical infrastructure is a critical shortcoming of that entire infrastructure. The primary reason for this inability is that most critical infrastructure devices are very small and have very limited computing resources. They are far too “small” to run the typically large anti-malware systems that protect the traditional Information Technology (IT) infrastructure. Consequently, the current defense strategy relies upon monitoring the performance of the critical infrastructure devices from the outside, looking for abnormal behavior. That is, defenders wait until the attack has started and then sound the alarm. But often that is far too late. Some malware is so fast-acting that it can cause serious, even catastrophic, damage exceedingly rapidly.

A Solution to the Problem

The “obvious” solution to this problem is to have a malware detection system small enough and efficient enough to run inside of the limited resource devices, so small and so efficient that it does not negatively impact the performance of those devices. It would have to be a malware detection system that:

· Detects malware at the time of injection, before the malware has a chance to launch.

· Detects never-before-seen (previously undocumented) malware, so that the coming wave of Artificial Intelligence (AI) generated malware will also be detected.

Currently, only one such system exists on the market: Crytica Security’s Rapid Detection & Alert (RDA) system.

Crytica is currently working with serious cybersecurity-aware vendors to deploy its RDA system throughout their product lines.
