With the modernization of manufacturing technology and industrial automation infrastructure, a distinct category of cyberattacks has emerged with unprecedented physical impacts on products, employees, clients and local populations. Today, industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems are integrated and employed in all key components of digital factories, controlling natural gas distribution systems, oil pipelines, the electric power grid, renewable energy applications, and water systems, among others. Originally intended to collect and analyze real-time data, control local and remote manufacturing processes, interact with other OT systems, and log operational events, the systems have been exposed as a source of vulnerability and new cyber threats that can disrupt the modern production line. As a result, cybercriminals are becoming more and more interested in exposed ICS/SCADA management services and insecure communication and control protocols.
Experience
An extensive range of security assessments on critical infrastructure has been conducted by CENSUS, including device assessments for gas and water smart meters, vulnerability assessments on the communication layer (e.g. modbus) of OT devices, configuration audits of infrastructure elements, applications assessments for exposed services, source code security review for the software designed for soft-core or hard-core embedded microprocessors, threat modeling, penetration testing for organizational infrastructure and processes, social engineering and physical attacks on organizational headquarters and facilities.
Services Overview
To protect critical infrastructure, CENSUS provides a variety of services including:
- Network Infrastructure Testing
- Device Security Testing
- Firmware Source Code Auditing
- Network Protocol Analysis and Fuzzing
- Web & Mobile Application Security Testing for companion ICS/SCADA apps
- Tiger Team, Red Teaming & Penetration Testing
- Threat Modeling
- Training & Consulting
Contact us to find out more on how your business can benefit from our services for Critical Infrastructure.
Case Studies
CENSUS publishes case studies to highlight the approach and the value of the services provided to certain industries. Case studies from sectors considered in the Critical Infrastructure group can be found below: