Detecting Malicious Data and Advanced Attacks

As seen with Stuxnet, systems that monitor legacy field devices often rely on data from higher-level logic controllers, leaving them vulnerable to false feedback. If a logic controller is compromised, an adversary can use it to send false data representing normal operations to security solutions while writing malicious commands to the field device. With this freedom to operate unseen, the bad actor can cause cyber-physical damage to field devices, such as tripping a breaker, over-pressurizing a pipeline, or spinning a motor out of control.

By passively tapping serial communications at the lowest ICS layer, the SerialGuard AnalytICS Platform provides direct visibility into the data integrity of serial communications, functioning as a last line of truth for legacy critical infrastructure.

This use case outlines how the SerialGuard AnalytICS Platform gives asset owners and OT operators the real-time information they need to mitigate the risk of cyber-physical damage to legacy critical infrastructure.
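The false-feedback check described above can be illustrated with a small reconciliation routine. This is an added example, not SerialGuard code: the record layout, device and point names, tolerance, and time window are all assumptions, and the sample data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Obs:
    t: float      # seconds since capture start
    device: str   # field device label (constructed)
    point: str    # measurement or setpoint name (constructed)
    value: float

def reconcile(tap_reads, reported, tap_writes, approved_writes, tol=0.02, window=2.0):
    """Compare values seen on the serial tap with what the controller reported upstream."""
    findings = []
    for rep in reported:
        # Wire-level reads of the same point close in time to the controller's report.
        near = [r for r in tap_reads
                if (r.device, r.point) == (rep.device, rep.point)
                and abs(r.t - rep.t) <= window]
        if not near:
            findings.append(("no_wire_evidence", rep))
            continue
        wire = min(near, key=lambda r: abs(r.t - rep.t))
        scale = max(abs(wire.value), 1e-9)  # avoid dividing by zero
        if abs(wire.value - rep.value) / scale > tol:
            findings.append(("feedback_mismatch", rep, wire))
    # Writes seen on the wire must match an approved (device, point, value) entry.
    approved = {(w.device, w.point, w.value) for w in approved_writes}
    for w in tap_writes:
        if (w.device, w.point, w.value) not in approved:
            findings.append(("unapproved_write", w))
    return findings

# Constructed sample: the drive speeds up on the wire while the controller
# keeps reporting a steady 1000 rpm to the monitoring system.
TAP_READS = [Obs(0, "drive-1", "rpm", 1000), Obs(5, "drive-1", "rpm", 1210),
             Obs(10, "drive-1", "rpm", 1400)]
REPORTED = [Obs(0.5, "drive-1", "rpm", 1000), Obs(5.5, "drive-1", "rpm", 1000),
            Obs(10.5, "drive-1", "rpm", 1000)]
TAP_WRITES = [Obs(3, "drive-1", "rpm_setpoint", 1400)]
APPROVED_WRITES = [Obs(0, "drive-1", "rpm_setpoint", 1000)]

if __name__ == "__main__":
    for finding in reconcile(TAP_READS, REPORTED, TAP_WRITES, APPROVED_WRITES):
        print(finding[0], *finding[1:])
```
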

