NanoLock’s zero-trust cybersecurity suite to protect industrial machinery, production lines

NanoLock has announced the launch of a new suite of zero-trust cybersecurity solutions for the industrial and manufacturing market. In a press release, the firm claimed to be the first to offer device-level protection solutions designed specifically for legacy and new industrial machinery and smart factory production lines. The launch comes in the wake of a joint cybersecurity alert surrounding advanced persistent threat (APT) attacks on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices.

Zero-trust approach prevents unauthorized modification

NanoLock’s industrial product suite was developed in cooperation with industrial and manufacturing companies to protect ICS devices and industrial machines, ensuring the operational integrity of machines and production lines without impacting performance and functionality, the firm said. It has been designed to integrate with devices and systems to provide a device-level zero trust security approach that prevents unauthorized modification attempts, protecting connected industrial devices from multiple attack vectors.

“The chaotic reality of the cybersecurity landscape is that there is no way to know where the next attack will come from, so the world must move away from detection to prevention to ensure business continuity,” commented NanoLock CEO Eran Fine.

APT actors targeting ICS/SCADA devices with custom attacks

A recent joint cybersecurity advisory from the U.S. Department of Energy (DOE), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the FBI emphasized the need for enhanced security approaches to protect industrial/OT environments from APT cyberattacks. “APT actors have developed custom-made tools for targeting ICS/SCADA devices,” the advisory read. “The tools enable them to scan for, compromise, and control affected devices once they have established initial access to the operational technology (OT) network.”

Organizations in the space were urged to implement mitigations to address the threats posed to ICS/SCADA systems, including:

• Isolate ICS/SCADA systems and networks from corporate and internet networks using strong perimeter controls.
• Limit communications entering or leaving ICS/SCADA perimeters.
• Enforce multi-factor authentication for all remote access to ICS networks and devices whenever possible.
• Enforce the principle of least privilege.
• Leverage continuous OT monitoring to alert on malicious indicators and behaviors.
• Limit ICS/SCADA systems’ network connections to only specifically allowed management and engineering workstations.