Cybersecurity of the railway switch heating system requires an integrated approach at all levels of the architecture:
Levels | Threat vectors | Kaspersky products and solutions |
---|---|---|
Management level | Antivirus protection | Kaspersky Hybrid Cloud Security; Kaspersky Total Security for Business |
Data transmission channel | Protection of data transferred to the cloud via traffic encryption (TLS-MQTT); Protection against external threats (Firewall/IPS); DDoS (channel unavailability) | Kaspersky IoT Secure Gateway 1000; Kaspersky DDoS Protection |
Endpoint level | Detection of unauthorized devices; Prevention of unauthorized interactions (Firewall); Protection of the gateway against hacking: | Kaspersky IoT Secure Gateway 1000 |

Kaspersky IoT Secure Gateway (KISG) 1000 is a hardware and software system based on the KasperskyOS operating system. Technologies of this OS do not allow manipulation of its critical functions, and also block all unauthorized actions by default. The gateway protects data, generates security events in the IoT infrastructure, enables management of connected devices via the MQTT protocol over TLS, and helps build secure systems for the internet of things. Centralized administration of KISG 1000 is via the Kaspersky Security Center platform.

Kaspersky Hybrid Cloud Security is a solution for protecting virtual machines and systems (local ones as well as the ones residing at data centers or in public clouds).

Kaspersky Total Security for Business is a solution for protecting endpoint devices (workstations and servers) and other nodes of an enterprise network (mail servers, internet gateways).

Solutions developed by Kaspersky ensured the cybersecurity of the «SMART. Railway Switch Heating» system at all levels, and made the system transparent and manageable.

Attack vector | Potential threat | Kaspersky products and solutions |
---|---|---|
Cloud | DDoS (system unavailability) | Kaspersky DDoS Protection (service) |
Cloud | Compromise (hacking, gaining access, modifying configurations, data spoofing/leakage) | Kaspersky Hybrid Cloud Security |
Data transmission channel | Compromise (Man-in-the-Middle, gaining access to data and substituting it) | Traffic encryption (MQTT) ensures that the connection and data transfer are secure (Kaspersky IoT Secure Gateway 1000) |
Data transmission channel | DDoS (channel inaccessibility) | Kaspersky DDoS Protection |
Gateway | Gateway compromise — network or local attack/physical access (hacking, gaining access, modifying software configurations, data spoofing/leakage) | IDS/IPS, Secure Boot, Secure Update; inability to perform unauthorized actions or manipulate critical functions of the system (Kaspersky IoT Secure Gateway 1000 and KasperskyOS technologies) |
Internal IoT network (inside breach) | Breach of the structural integrity of the network (new unauthorized connections to the network) | Network Discovery — detection of a breach and notification about the connection of an unauthorized device/user (Kaspersky IoT Secure Gateway 1000) |
Cloud platform (external breach) | Disclosure and compromise of the «SMART. Railway Switch Heating» system | Kaspersky Hybrid Cloud Security |
System administration and operational maintenance processes | Difficulty of monitoring the IoT infrastructure and prolonged response time to information security incidents (inability to detect dangerous manipulation until physical damage is already apparent; lack of a full picture in real time; late detection/notification of the problem) | Multitude of notification capabilities: |
System administration and operational maintenance processes | Security system management and operational maintenance (lack of a unified system for management, reporting, and incident response) | Unified cybersecurity management system with a centralized system for reporting, logging, and notifications (Kaspersky Security Center) |